You are viewing a preview of this job. Log in or register to view more details about this job.

Security Analyst


Softheon builds software and automation solutions for health insurers and government health agencies. Help shape the future of health tech while working from home with incredible benefits that reflect our commitment to expanding access to quality insurance. Work for a fast-growing, established, and profitable company where you can power what's next in healthcare.

Position Summary
As Softheon’s Security Analyst you will be responsible for bridging the division between Softheon’s Systems Administration, Software Development, Product Operations, and Compliance Teams.


Key Responsibilities (include but not limited to):
  • Implement, monitor and maintain the security footprint for the Softheon environment including, but not limited to; endpoint protection, perimeter security, ensure compliance in patching and vulnerability management.
  • Review, Report, Research, Triage, Assign, and Track from discovery to remediation findings and items of concerns in
  • Internal Vulnerability Scans
  • External Vulnerability Scans
  • Dynamic Application Scans
  • Static Code Analysis Scans
  • 3rd Party Penetration Tests
  • Ensure cyber-security policies are maintained and updated in a timely fashion.
  • Advise on and develop new organizational security policies.
  • Perform internal security impact analysis and change control tracking of functions of Software Development and System Administration team functions.
  • Provide awareness and training to colleagues on trends, policies and best practices
  • Monitor, Evaluate, and Architect secure coding practices.
  • Research, test, and approve 3rd party software, services, and security patches.
  • Collect evidence for and participate in security and compliance audits and assessments.
  • Maintain and Perform functions associated with Softheon’s Continuous Monitoring Plan (combining HIPAA, PCI, NIST 800-53, MARS-E frameworks, FedRAMP.)
  • Monitor, Review, and Audit logging systems.
  • Track hardware and software inventories and oversee projects to transition away end-of-life components.
  • Complete recurring security and operational checklists.
  • Monitor and create policy for tools which generate behavioral data for a remote workforce of 250 employees.
  • Perform gap analysis of Softheon’s security stature and its security ambitions.
  • Monitor industry trends and develop strategies to react to or prepare for changes in the security landscape through policy changes and the evaluation for adoption security hardware, software, or services.
  • Play a critical role in incident and breach response and other tasks that may effect the business posture.

  • 3-5 Years experience in Security, Application Development, or Systems Administration in a Windows Server hosting environment.
  • Bachelors degree preferred in Information systems and security
Preferred Experience
  • Web hosting through IIS
  • Microsoft SQL Server
  • Active Directory Group Policy
  • Vulnerability Scanners Such As
  • Rapid7 Insight IVM
  • Rapid7 AppSpider
  • Nessus/Tenable
  • Saint
  • Parasoft
  • Barracuda Web Application Firewalls
  • Gemalto HSM
  • SIEM/LEM Platforms Such As
  • Solarwinds LEM
  • Rapid7 IDR
  • AlienVault
  • Cisco and Dell Networking
  • Security Frameworks
  • PCI
  • SOC
  • NIST 800-53
  • MARS-E
  • FedRAMP


When you join Softheon, you will:
  • Have an opportunity to add value to a diverse team of innovative professionals
  • Rise to new challenges everyday
  • Receive competitive salary and career growth opportunities

At Softheon we strive to create simple solutions to complex problems. Our innovative and easy-to-use products have revolutionized the way everyday people control their healthcare needs. Empowering the nation's first state health benefit exchange since 2008, Softheon's vision and strategic direction has designed five platforms to help our partners quickly adapt to industry standards, manage client data, and grow their membership, while never compromising the exceptional care they provide. In this highly dynamic industry, Softheon has maintained its position as a premier Business Process as a Service (BPaaS) and Software as a Service (SaaS) solution, utilized by 37% of healthcare payers and having been responsible for 12% of ACA enrollments processed. Our platform has been ranked #1 in addressing the industry’s ever-changing regulatory demands and recognized by Gartner, IDC, AHIP, ACAP, and HCEG.
To find out more about Softheon please visit
To all recruitment agencies: Softheon does not accept agency resumes. Please do not forward resumes to Softheon employees or any other company location. Softheon is not responsible for any fees related to unsolicited resumes and will not pay fees to any third-party agency or company that does not have a signed agreement with the Company.