Job Summary
We are seeking a dedicated and skilled Cybersecurity Analyst to join our team. The Cybersecurity Analyst plays a critical role within the Office of Enterprise Risk & Compliance at Detego Health. This role supports the organization's ongoing SOC 2, HIPAA, and URAC readiness, monitors security controls, and works with both internal IT and our Managed Services Provider (MSP) to ensure the protection of sensitive data and systems. The analyst will assist in managing endpoint security, supporting security incident response, conducting regular access reviews, and maintaining logs and evidence for audit readiness.
Responsibilities
Security Operations & Monitoring
- Monitor security alerts and logs from internal systems and MSP-provided dashboards.
- Assist with endpoint protection management (antivirus, encryption, MDM).
- Perform regular audits of security controls and ensure alignment with SOC 2, HIPAA, and URAC requirements.
- Collaborate with the GRC team and Cybersecurity Engineer to implement and validate technical controls required for certification and audit readiness (SOC 2, HIPAA, URAC, etc).
Access Management & Identity Governance
- Conduct quarterly user access reviews across critical platforms (e.g., Salesforce, Microsoft 365, RingCentral, etc.).
- Support implementation of role-based access controls (RBAC).
- Validate user offboarding and access change documentation.
Incident Response & Documentation
- Assist in identifying and responding to security incidents and events.
- Maintain incident logs, timelines, and remediation actions.
- Support root cause analysis and ensure lessons learned are documented.
Audit & Compliance Support
- Maintain audit-ready documentation for SOC 2, HIPAA, and URAC assessments.
- Collaborate with the GRC team on control testing and evidence gathering.
- Track remediation efforts for identified security gaps.
Tooling & Collaboration
- Work closely with MSP and internal IT to ensure consistent security posture.
- Administer or support security tools (Vanta, BitSight, Microsoft Defender, etc.).
- Help evaluate and implement new security technologies or controls.
Training & Awareness
- Support security awareness campaigns and phishing simulations.
- Report training metrics and contribution to awareness initiatives.
Requirements
- Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
- 5+ years of experience in a cybersecurity, IT compliance role.
- Familiarity with SOC 2, HIPAA, and/or URAC frameworks.
- Experience working with MSPs, SIEMs, or security tools is a plus.
- Strong attention to detail, documentation skills, and a proactive security mindset.
Preferred Certifications (not required)
- CompTIA Security+, CISSP, CISA, or similar.
- Experience with Microsoft 365 security tools, Vanta, or BitSight.
Join our team as a Cybersecurity Analyst, where you will play a critical role in safeguarding our digital assets while advancing your career in a dynamic environment.
Job Type: Full-time
Pay: $90,000.00 - $120,000.00 per year
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Employee assistance program
- Health insurance
- Health savings account
- Life insurance
- Paid time off
- Retirement plan
- Vision insurance
Schedule:
- 8 hour shift
- Monday to Friday
Work Location: Hybrid remote in Omaha, NE 68164
