Back to jobs
New

Senior Security Analyst

United States – Remote

 

See your work in a new light.

At LUX Infusion, we’re reimagining infusion care to be more human, supportive, and connected. Inspired by lux—meaning light - we guide patients, providers, and partners through complex therapies with clarity, compassion, and confidence.

As a clinician-led, U.S.-based organization, we put people first - helping patients feel seen and supported through faster therapy starts, dedicated care coordination, and meaningful collaboration. Our commitment to inclusion, diversity, equity, and advancement (IDEA) is central to our culture, ensuring every team member feels valued and empowered to make a difference.


 

 

See your work in a new light.

At LUX Infusion, we’re reimagining infusion care as something more human, more supportive, and more connected. We lead with compassion and clarity - helping patients feel confident in moments that matter, while giving providers and partners the trust and insight they need to deliver better outcomes.

We’re looking for a Senior Security Analyst who wants their work to mean something - someone who brings care, accountability, and purpose to what they do every day.

Full-time- Remote Opportunity


Why This Role Matters

Job Summary

The Senior Security Analyst (Healthcare) is responsible for protecting the organization’s information

systems, data, and technology assets with a primary focus on safeguarding Protected Health

Information (PHI) and ensuring compliance with healthcare regulatory requirements. This role plays a

critical part in designing, implementing, monitoring, and improving the organization’s cybersecurity

posture in alignment with HIPAA, HITECH, and other applicable standards.

 

This position serves as a senior technical and operational resource within the security function, leading

security monitoring, incident response, risk assessments, vulnerability management, and compliance

initiatives. The Senior Security Analyst works closely with IT, infrastructure, application teams,

compliance, and external partners to identify risks, respond to threats, and maintain a strong security

posture across a multi-site healthcare environment.


What You’ll Do

Responsibilities include:

Security Operations and Monitoring

Monitor and analyze security events and alerts across networks, endpoints, cloud platforms,

and applications.

Investigate suspicious activity and lead incident response efforts, including triage, containment,

eradication, and recovery.

Serve as an escalation point for complex security incidents and coordinate cross-functional

response efforts.

Maintain and tune SIEM, EDR, and other security tools to improve detection and reduce false

positives.

Conduct root cause analysis and document incidents, actions taken, and lessons learned.

Healthcare Security and Compliance

Ensure compliance with HIPAA, HITECH, and other healthcare regulatory and privacy

requirements.

Participate in security risk assessments, gap analyses, and audits (internal and external),

including support for third-party assessments.

Develop and maintain security policies, standards, and procedures aligned with regulatory

expectations.

Monitor controls related to PHI protection, data access, and breach prevention.

Support audit readiness and remediation activities for compliance findings.

Vulnerability and Risk Management

Conduct regular vulnerability scans and coordinate remediation efforts across infrastructure and application teams.

Prioritize risks based on business impact, exploitability, and regulatory exposure.

Track and report on vulnerability remediation status and risk reduction efforts.

Perform risk assessments on new systems, vendors, and technology implementations.

Contribute to third-party risk management and vendor security reviews.

Security Engineering and Architecture Support

Collaborate with infrastructure and application teams to implement secure configurations and controls.

Evaluate and recommend security solutions, tools, and technologies to enhance protection capabilities.

Support secure design reviews for new applications, systems, and integrations.

Validate implementation of security controls across networks, endpoints, and cloud environments.

Identity and Access Management (IAM

Review and monitor user access to systems containing PHI and sensitive data.

Support access governance processes, including provisioning, deprovisioning, and periodic access reviews.

Investigate access anomalies and enforce least-privilege principles.

Training, Awareness, and Continuous Improvement 

Support security awareness and training initiatives with a focus on healthcare threats (e.g., phishing, ransomware).

Provide guidance to IT and business teams on security best practices and risk mitigation.

Identify opportunities to improve security processes, tooling, and response capabilities.

Mentor junior analysts and contribute to the development of the security team.

Familiarity with:

HIPAA Security Rule and Privacy Rule

NIST Cybersecurity Framework (CSF) and/or NIST 800-53

HITRUST CSF (preferred in healthcare environments)

Knowledge of identity and access management practices.

Understanding of secure system and application design principles.

Skills and Competencies

Strong analytical and problem-solving skills with the ability to assess complex security threats.

Ability to lead incident response efforts under pressure and with urgency.

Excellent written and verbal communication skills, including documentation and reporting.

Strong attention to detail and ability to manage multiple priorities.

 Ability to work cross-functionally with IT, compliance, legal, and business stakeholders.

High level of integrity and commitment to protecting sensitive data.

KEY SUCCESS MEASURES

Effective detection and response to security incidents

Reduction in vulnerabilities and security risk exposure

Successful audit outcomes and regulatory compliance adherence

Protection of PHI with minimal security-related disruptions

Improved security posture through proactive controls and monitoring

Strong collaboration and stakeholder confidence in security operations

 

PHYSICAL DEMANDS AND WORK ENVIRONMENT

Effective detection and response to security incidents

Reduction in vulnerabilities and security risk exposure

Successful audit outcomes and regulatory compliance adherence

Protection of PHI with minimal security-related disruptions

Improved security posture through proactive controls and monitoring

Strong collaboration and stakeholder confidence in security operations

This position requires constant sitting with occasional walking, standing, kneeling or stooping.

This position requires the use of hands to finger, handle or feel objects and the ability to reach

with hands and arms.

This position requires constant talking and hearing.

Specific vision abilities required by this job include close vision and the ability to adjust focus.

This position must occasionally lift and/or move up to 25 pounds

Required to move/lift physical hardware

 

 


What We’re Looking For

You may be a great fit if you bring:

Education and Experience

Bachelor’s degree in Cybersecurity, Information Technology, or a related field preferred;

equivalent experience considered.

5+ years of experience in cybersecurity, information security, or related roles.

2+ years of experience in healthcare IT, security, or regulated environments required.

Demonstrated experience with incident response, threat detection, and vulnerability

management.

Experience supporting audits and compliance frameworks in regulated industries.

Technical Knowledge

Strong understanding of:

Security operations (SIEM, EDR, log analysis)

Network security (firewalls, IDS/IPS, segmentation)

Endpoint security and device hardening

Cloud security principles (Azure, AWS, or similar)

Vulnerability scanning and remediation tools

 Familiarity with:

HIPAA Security Rule and Privacy Rule

NIST Cybersecurity Framework (CSF) and/or NIST 800-53 o HITRUST CSF (preferred in healthcare environments)

Knowledge of identity and access management practices.

Understanding of secure system and application design principles.

QUALIFICATIONS PREFERRED

Industry certifications such as:

CISSP, CISM, or CISA (strongly preferred) CEH, Security+, or GIAC certifications (nice to have)

Experience with healthcare systems such as EHR/EMR platforms (e.g., Epic, Cerner).

Experience in ransomware preparedness and response within healthcare environments.

Familiarity with Microsoft security stack (Defender, Sentinel, Entra ID) or comparable platforms.

Experience supporting HITRUST certification or attestation


Why LUX Infusion

At LUX Infusion, we believe infusion care deserves more light - more warmth, more clarity, and more connection.

Here, you’ll find:

  • Purpose‑driven work with real impact
  • A patient‑first, clinician‑led culture
  • Supportive, collaborative teammates
  • The opportunity to grow with a company building something meaningful

Come help us elevate infusion care - and see what’s possible when care comes first.

Pay Range/Rate

$110,000 - $120,000 USD


PHYSICAL DEMANDS

The physical demands described here represent those required for an employee to successfully perform the essential functions of this role. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions. If you require a reasonable accommodation during the application or interview process, please contact the LUX Infusion Talent Team at Careers@LUXInfusion.com or 954.385.7322 x 1425.

While performing the duties of this position, the employee may occasionally be required to stand, walk, or sit; use hands to finger, handle, or feel objects, tools, or controls; reach with hands and arms; climb stairs; balance; stoop, kneel, crouch, or crawl; and talk or hear. The employee may also be required to occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this role include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus.


OTHER REQUIREMENTS

Employees are expected to:

  • Participate annually in required legal and ethical compliance training
  • Consistently act in compliance with LUX Infusion’s legal, ethical, and compliance policies
  • Adhere to all standards and procedures outlined in the LUX Infusion Compliance Manual
  • Refrain from any behavior that could be considered unethical or unlawful

EXPECTATIONS FOR ALL EMPLOYEES

All LUX Infusion team members are expected to support the organization’s mission, vision, and values by demonstrating integrity, dedication, compassion, and enthusiasm. This includes placing patients first, working collaboratively with a “stacked‑hands” mindset, and maintaining a consistent focus on quality, accountability, and continuous improvement.


GENERAL INFORMATION

The statements above are intended to describe the general nature and level of work performed by individuals in this role. They are not intended to be an exhaustive list of all responsibilities, duties, or skills required.

This role operates in a fast‑paced environment and requires the ability to prioritize competing demands, manage multiple tasks effectively, and seek guidance when appropriate.

Employees in this position may be required to assist directly - or coordinate appropriate assistance - to ensure access to LUX Infusion’s services for individuals with disabilities, including patients, visitors, employees, or others.

LUX Infusion is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law.

Apply for this job

*

indicates a required field

Phone
Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf


If you were referred by a current employee, please list their name in the text field below.

Select...
If hired into this role, on what date do you anticipate you can be available to begin employment? *
Select...
Select...
Select...
Select...
Select...
Select...
Select...

U.S. Standard Demographic Questions

We invite applicants to share their demographic background. If you choose to complete this survey, your responses may be used to identify areas of improvement in our hiring process.
Select...
Select...
Select...
Select...
Select...
Select...

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in LUX Infusion’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Select...
Select...
Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Select...

Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Select...

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.