LUX Infusion
Senior Security Analyst
United States – Remote
Role brief
What this role is asking for.
See your work in a new light. At LUX Infusion, we’re reimagining infusion care to be more human, supportive, and connected. Inspired by lux —meaning light - we guide patients, providers, and partners through complex therapies with clarity, compassion, and confidence. As a clinician-led, U.S.-based organization, we put people first - helping patients feel seen and supported through faster therapy starts, dedicated care coordination, and meaningful collaboration. Our commitment to inclusion, diversity, equity, and advancement (IDEA) is central to our culture, ensuring every team member feels valued and empowered to make a difference. See your work in a new light. At LUX Infusion , we’re reimagining infusion care as something more human, more supportive, and more connected. We lead with compassion and clarity - helping patients feel confident in moments that matter, while giving providers and partners the trust and insight they need to deliver better outcomes. We’re looking for a Senior Security Analyst who wants their work to mean something - someone who brings care, accountability, and purpose to what they do every day. Full-time- Remote Opportunity Why This Role Matters Job Summary The Senior Security Analyst (Healthcare) is responsible for protecting the organization’s information systems, data, and technology assets with a primary focus on safeguarding Protected Health Information (PHI) and ensuring compliance with healthcare regulatory requirements. This role plays a critical part in designing, implementing, monitoring, and improving the organization’s cybersecurity posture in alignment with HIPAA, HITECH, and other applicable standards. This position serves as a senior technical and operational resource within the security function, leading security monitoring, incident response, risk assessments, vulnerability management, and compliance initiatives. The Senior Security Analyst works closely with IT, infrastructure, application teams, compliance, and external partners to identify risks, respond to threats, and maintain a strong security posture across a multi-site healthcare environment. What You’ll Do Responsibilities include: Security Operations and Monitoring Monitor and analyze security events and alerts across networks, endpoints, cloud platforms, and applications. Investigate suspicious activity and lead incident response efforts, including triage, containment, eradication, and recovery. Serve as an escalation point for complex security incidents and coordinate cross-functional response efforts. Maintain and tune SIEM, EDR, and other security tools to improve detection and reduce false positives. Conduct root cause analysis and document incidents, actions taken, and lessons learned. Healthcare Security and Compliance Ensure compliance with HIPAA, HITECH, and other healthcare regulatory and privacy requirements. Participate in security risk assessments, gap analyses, and audits (internal and external), including support for third-party assessments. Develop and maintain security policies, standards, and procedures aligned with regulatory expectations. Monitor controls related to PHI protection, data access, and breach prevention. Support audit readiness and remediation activities for compliance findings. Vulnerability and Risk Management Conduct regular vulnerability scans and coordinate remediation efforts across infrastructure and application teams. Prioritize risks based on business impact, exploitability, and regulatory exposure. Track and report on vulnerability remediation status and risk reduction efforts. Perform risk assessments on new systems, vendors, and technology implementations. Contribute to third-party risk management and vendor security reviews. Security Engineering and Architecture Support Collaborate with infrastructure and application teams to implement secure configurations and controls. Evaluate and recommend security solutions, tools, and technologies to enhance protection capabilities. Support secure design reviews for new applications, systems, and integrations. Validate implementation of security controls across networks, endpoints, and cloud environments. Identity and Access Management (IAM ) Review and monitor user access to systems containing PHI and sensitive data. Support access governance processes, including provisioning, deprovisioning, and periodic access reviews. Investigate access anomalies and enforce least-privilege principles. Training, Awareness, and Continuous Improvement Support security awareness and training initiatives with a focus on healthcare threats (e.g., phishing, ransomware). Provide guidance to IT and business teams on security best practices and risk mitigation. Identify opportunities to improve security processes, tooling, and response capabilities. Mentor junior analysts and contribute to the development of the security team. Familiarity with: HIPAA Security Rule and Privacy Rule NIST Cybersecurity Framework (CSF) and/or NIST 800-53 HITRUST CSF (preferred in healthcare environments) Knowledge of identity and access management practices. Understanding of secure system and application design principles. Skills and Competencies Strong analytical and problem-solving skills with the ability to assess complex security threats. Ability to lead incident response efforts under pressure and with urgency. Excellent written and verbal communication skills, including documentation and reporting. Strong attention to detail and ability to manage multiple priorities. Ability to work cross-functionally with IT, compliance, legal, and business stakeholders. High level of integrity and commitment to protecting sensitive data. KEY SUCCESS MEASURES Effective detection and response to security incidents Reduction in vulnerabilities and security risk exposure Successful audit outcomes and regulatory compliance adherence Protection of PHI with minimal security-related disruptions Improved security posture through proactive controls and monitoring Strong collaboration and stakeholder confidence in security operations PHYSICAL DEMANDS AND WORK ENVIRONMENT Effective detection and response to security incidents Reduction in vulnerabilities and security risk exposure Successful audit outcomes and regulatory compliance adherence Protection of PHI with minimal security-related disruptions Improved security posture through proactive controls and monitoring Strong collaboration and stakeholder confidence in security operations This position requires constant sitting with occasional walking, standing, kneeling or stooping. This position requires the use of hands to finger, handle or feel objects and the ability to reach with hands and arms. This position requires constant talking and hearing. Specific vision abilities required by this job include close vision and the ability to adjust focus. This position must occasionally lift and/or move up to 25 pounds Required to move/lift physical hardware What We’re Looking For You may be a great fit if you bring: Education and Experience Bachelor’s degree in Cybersecurity, Information Technology, or a related field preferred; equivalent experience considered. 5+ years of experience in cybersecurity, information security, or related roles. 2+ years of experience in healthcare IT, security, or regulated environments required. Demonstrated experience with incident response, threat detection, and vulnerability management. Experience supporting audits and compliance frameworks in regulated industries. Technical Knowledge Strong understanding of: Security operations (SIEM, EDR, log analysis) Network security (firewalls, IDS/IPS, segmentation) Endpoint security and device hardening Cloud security principles (Azure, AWS, or similar) Vulnerability scanning and remediation tools Familiarity with: HIPAA Security Rule and Privacy Rule NIST Cybersecurity Framework (CSF) and/or NIST 800-53 o HITRUST CSF (preferred in healthcare environments) Knowledge of identity and access management practices. Understanding of secure system and application design principles. QUALIFICATIONS PREFERRED Industry certifications such as: CISSP, CISM, or CISA (strongly preferred) CEH, Security+, or GIAC certifications (nice to have) Experience with healthcare systems such as EHR/EMR platforms (e.g., Epic, Cerner). Experience in ransomware preparedness and response within healthcare environments. Familiarity with Microsoft security stack (Defender, Sentinel, Entra ID) or comparable platforms. Experience supporting HITRUST certification or attestation Why LUX Infusion At LUX Infusion, we believe infusion care deserves more light - more warmth, more clarity, and more connection. Here, you’ll find: Purpose‑driven work with real impact A patient‑first, clinician‑led culture Supportive, collaborative teammates The opportunity to grow with a company building something meaningful Come help us elevate infusion care - and see what’s possible when care comes first. Pay Range/Rate $110,000 — $120,000 USD PHYSICAL DEMANDS The physical demands described here represent those required for an employee to successfully perform the essential functions of this role. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions. If you require a reasonable accommodation during the application or interview process, please contact the LUX Infusion Talent Team at Careers@LUXInfusion.com or 954.385.7322 x 1425 . While performing the duties of this position, the employee may occasionally be required to stand, walk, or sit; use hands to finger, handle, or feel objects, tools, or controls; reach with hands and arms; climb stairs; balance; stoop, kneel, crouch, or crawl; and talk or hear. The employee may also be required to occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this role include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus. OTHER REQUIREMENTS Employees are expected to: Participate annually in required legal and ethical compliance training Consistently act in compliance with LUX Infusion’s legal, ethical, and compliance policies Adhere to all standards and procedures outlined in the LUX Infusion Compliance Manual Refrain from any behavior that could be considered unethical or unlawful EXPECTATIONS FOR ALL EMPLOYEES All LUX Infusion team members are expected to support the organization’s mission, vision, and values by demonstrating integrity, dedication, compassion, and enthusiasm. This includes placing patients first, working collaboratively with a “stacked‑hands” mindset, and maintaining a consistent focus on quality, accountability, and continuous improvement. GENERAL INFORMATION The statements above are intended to describe the general nature and level of work performed by individuals in this role. They are not intended to be an exhaustive list of all responsibilities, duties, or skills required. This role operates in a fast‑paced environment and requires the ability to prioritize competing demands, manage multiple tasks effectively, and seek guidance when appropriate. Employees in this position may be required to assist directly - or coordinate appropriate assistance - to ensure access to LUX Infusion’s services for individuals with disabilities, including patients, visitors, employees, or others. LUX Infusion is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law.
Similar searches
Keep browsing verified remote roles.
These links connect this role to broader free job pages with official application sources and stricter location handling where we have enough proof.Company role signals