[Hiring] Cybersecurity Operations Analyst @Versant Health

Role Description

The Cybersecurity Operations Analyst supports and advances the organization’s Information Security program by protecting the enterprise against evolving cyber threats. This role is responsible for participating in incident response activities, investigating and analyzing security events, optimizing security controls, and collaborating cross-functionally to strengthen the organization’s overall security posture.

The Cybersecurity Operations Analyst provides hands-on technical leadership through proactive threat hunting and the continuous enhancement of detection and response capabilities. This position contributes to the ongoing evolution of Versant Health’s cybersecurity operations by leveraging leading security technologies, partnering with internal stakeholders, and staying current on emerging threats and attack methodologies.

Where you will have an impact

• Security Hygiene & Control Validation
  • Routinely audit and validate security control coverage (e.g., XDR, ZTNA, DLP) to ensure tools are operating effectively and protect 100% of intended assets.
  • Partner with the SOC to ensure log integrity across security and non-security systems; validate alert scope, fidelity, and thresholds.
  • Monitor the health and performance of security tools, performing root cause analysis when agents fail or policies are not properly applied.
• Incident Response, Event Monitoring, & Threat Hunting
  • Serve as the Tier 2 escalation point for the SOC and lead the full incident response lifecycle, from containment through recovery.
  • Conduct proactive threat hunting using threat intelligence, SOC findings, and behavioral analysis to identify threats that bypass automated controls.
  • Analyze threat intelligence to inform defensive strategies and continuously improve detection capabilities.
  • Collaborate with the SOC to develop, refine, and maintain incident response playbooks aligned to business context.
  • Monitor and analyze security alerts from SIEM, EDR, and other tools to identify and respond to potential threats.
  • Implement and enforce security controls, policies, and procedures to protect organizational assets.
• Blue, Red, and Purple Team Activities
  • Engage in the development and execution of recurring security wargames, including scenario design and cross functional participation.
  • Actively participate in blue team activities focused on defensive security, detection, and incident response.
  • Collaborate in purple team exercises to validate detection and response effectiveness against real world attack scenarios.
  • Participate in internal red team exercises, penetration tests, and simulated attacks to identify security gaps and control weaknesses.
  • Perform adversary emulation by modeling tactics, techniques, and procedures (TTPs) of known threat actors.
  • Share insights, lessons learned, and intelligence across teams to continuously improve security posture.
  • Use findings from offensive testing to optimize SIEM rules, EDR/CASB/SWG policies, firewall configurations, and other security controls.
• Security Tool Management
  • Configure, maintain, and optimize a broad portfolio of security technologies, including:
  • Security Information and Event Management (SIEM): Log aggregation, correlation, tuning, and alerting.
  • Endpoint Detection and Response (EDR): Threat detection and response across endpoint environments.
  • Attack Surface & Exposure Management (ASM/AEM): Continuous discovery and prioritization of vulnerabilities and exposures.
  • Cloud Access Security Broker (CASB): Enforcement of security controls for cloud applications and services.
  • Secure Web Gateway (SWG): Inspection of web traffic and protection against web-based threats.
  • Data Loss Prevention (DLP): Design, implementation, and management of policies to prevent unauthorized data exfiltration across endpoints, networks, and cloud environments.
• Security Operations & Support
  • Respond to and resolve security related tickets and user inquiries.
  • Provide guidance and best practice recommendations to end users and IT partners.
  • Troubleshoot security tool issues and perform root cause analysis.
• Documentation, Reporting, & Communication
  • Create and maintain detailed documentation for incident response procedures, security tool configurations, and security advisories.
  • Generate and present reports on security incidents, trends, and overall security posture to management.
  • Communicate clearly and effectively with stakeholders during and after security incidents.

Qualifications

• 3+ years of experience in cybersecurity, with a focus on security operations and incident response.
• Bachelor’s degree from an accredited college or university or equivalent professional experience.
• Hands-on experience administering and maintaining SIEM, EDR, and related security tools.
• Understanding of networking concepts, TCP/IP, Active Directory, DNS, DHCP, and network defense technologies.
• Proficiency with Windows, Linux, and macOS operating systems.
• Experience with cloud security platforms (e.g., AWS, Azure).
• Knowledge of secure engineering principles and technical security testing methodologies.

Requirements

• All Associates must comply with the Health Insurance Portability Accountability Act of 1996 (HIPAA) as it pertains to disclosures of protected health information (PHI).
• Associates may have access to covered information, cardholder data or other confidential customer information which must be protected at all times.
• Associates must explicitly adhere to all data security guidelines established within the Company’s Privacy & Security Training Program.

Benefits

• Comprehensive and competitive total rewards package designed to support your health, financial well-being, and work-life balance.
• Medical, dental, and paid vision coverage.
• Paid time off and company holidays.
• Retirement savings with employer contribution.
• Employee wellness resources.
• Professional development opportunities.
• Flexible work arrangements.
• Employee assistance programs.