Salary Range: $39.06 - $53.85 Pay rates are determined based on experience and internal equity. Position Summary: The Cybersecurity Analyst reports to the Director of Information Systems. Responsible for supporting information security operations including vulnerability scanning, security monitoring, incident response support, compliance documentation, and access reviews. Performs assigned security tasks within established procedures and escalates findings to the as appropriate. Works effectively under deadlines and maintains professional, respectful working relationships with patients, families, medical and nursing staff, and co-workers. District Responsibility: Supports the District mission and values. Demonstrates respect, professionalism and courtesy to all patients, visitors, other providers and co-workers, as delineated in the LVMC Commitment to Care. Constantly use C-I-CARE principles when communicating with others. Participates in performance improvement activities. Engages in ongoing professional development. Position Duties/Responsibility: Perform recurring vulnerability scans across servers, endpoints, and network infrastructure; document findings and escalate for remediation coordination. Track remediation status from security risk assessments and audit findings in the risk register; flag overdue items for follow-up. Support security incident documentation including privacy breaches, unauthorized access, malware detections, and phishing events. Assist with periodic access reviews across clinical and administrative systems including EHR, practice management, and Active Directory; document findings and submit for evaluation. Monitor security tooling for alerts; perform initial triage and escalate per established incident response procedures. Assist with vendor risk documentation including tracking BAA status and supporting security questionnaire completion as directed. Administer and monitor Microsoft 365 tenant security. Participate in disaster response and incident response activations as assigned, including ransomware response team duties. Support HIPAA Security Rule compliance activities including audit control documentation, patch management tracking, and encryption validation as directed. Perform other duties as assigned. Position Qualifications: Education: Associates degree in information technology, cybersecurity, or related field, or equivalent combination of education and experience. Bachelors degree preferred. Experience: Minimum three years in information technology in a hands-on technical role. Prior exposure to security tools, compliance activities, or security operations preferred. Healthcare IT experience preferred. Certifications: CompTIA Security+ or equivalent required. Skills/Ability: Strong communication skills, both written and verbal, with the ability to convey technical security concepts to non-technical audiences. Knowledge of state and federal regulations including HIPAA Security Rule, HIPAA Privacy Rule, and California health data privacy requirements. Safety requirements including safe handling and protection of sensitive data, PHI, and security findings. Quality improvement principles applied to information security processes and incident reduction. Maintain records in an organized manner, including incident documentation, vulnerability tracking, risk register entries, and compliance evidence that must withstand regulatory scrutiny. Maintain the departments CMS and California state accreditation requirements related to information security and data protection. Establishes and maintains effective, positive working relations with departmental employees, hospital staff, medical staff and patients. Assures safe practices and techniques are used in the department, including secure handling of credentials, access controls, and endpoint protection. Communicates policies to hospital employees including security awareness, acceptable use, and incident reporting procedures. LVMC reserves the right to modify the minimum requirements depending on the needs of the organization.