Bamboo Health is a leader in cloud-based care coordination software and analytics solutions focused on patients with complex needs, including those suffering from physical health and mental health issues and substance use disorders. We are driven by our mission of enabling better care for patients across the continuum. Our software solutions help healthcare professionals collaborate on shared patients across the spectrum of care. Join us in improving healthcare for all! Summary: Bamboo Health Information Security implements forward thinking security architectures across a wide variety of platforms and technologies including cloud services, identity and access management, virtualization, and third-party service providers. We strive to implement innovative solutions that support dynamic growth within complex regulatory environments. The Bamboo Health Information Security Team is highly collaborative and committed to each team member's growth along with the business. The Bamboo Health Information Security Team is seeking a motivated Information Security Analyst to join our team. As an Information Security Analyst, you will bridge technical expertise, risk, and compliance. This role will provide you with exposure to all aspects of a mature information security program with the opportunity to expand your skillset. The Information Security Analyst will work with seasoned security experts with extensive knowledge in all domains of security. What You'll Do: * Participate in security operations tasks such as event monitoring and incident response and vulnerability testing and management. * Assist with processing access control requests. * Secure applications hosted in cloud environments. * Assist in policy and documentation upkeep and development, ensuring clarity and applicability. * Work with external auditors and customers as necessary, providing them with required information and assistance. * Work closely with various teams, including IT, Legal, HR, and Operations, ensuring seamless security integration and compliance. * Assist with the team's efforts with our internal security awareness program and security best practices. * Analyze opportunities for improvement in the organization's compliance program. * Participate in the on-call rotation to address and escalate security incidents as they arise. What Success Looks Like… In 3 months… * Learn security operations tools, systems, and security policies and procedures. * Work on internal documentation, security operations, and compliance tracking tasks. * Develop a basic understanding of the regulatory frameworks that Bamboo Health adheres to. * Establish relationships with the team and key internal departments. * Understand and be able to describe the function of Bamboo Health's products and services. In 6 months… * Participate in Security Operations on-call rotation and be comfortable with incident response activities and procedures. * Participate in risk and compliance assessment exercises with internal teams. * Be able to describe the organization layout and identify key team partners. * Become familiar with the required communication channels and participate in providing required metrics and feedback to stakeholders. * Work with security team members to learn web application vulnerability concepts and begin vulnerability testing. * Assist with processing access control requests. In 12 months… * Perform system and web application vulnerability scanning and reporting findings to internal teams. * Understand key cloud security and compliance toolsets. * Augment the team's efforts in completing security assessments executed by independent third-party assessment organizations and/or customers. * Assist with the team's efforts with our internal security awareness program. * Identify areas where automation of evidence collection could improve existing compliance procedures and document process improvement ideas. * Work independently when given clear objectives. What You Need: * Bachelor's degree in computer science, Information Security, IT, or related discipline, or four years equivalent professional experience in IT, Information Security, or a closely related field in lieu of a degree * An additional 2 years of hands-on work experience in the field of information security, risk and compliance, or IT * Intermediate knowledge of Linux, macOS, and Windows * Basic knowledge of cloud services such as AWS, Azure, or GCP * Domain familiarity in two of the following fields: * Knowledge of Security control frameworks or benchmarks (Examples: ISO, NIST, HIPAA, CIS, HITRUST, FedRAMP) * Vulnerability testing and management or risk analysis * Evidence gathering for security auditing purposes * Identity and access management (IAM) * Security incident response * Endpoint security and best practices * Securing cloud-centric environments * Excellent written and verbal communication skills, with ability to build and communicate business rationale * Ability to learn quickly and work independently * Ability to build effective, sustainable working relationships internally, with customers, and external stakeholders * A work environment that is conducive to high quality virtual interactions. This includes being able to work from a quiet space with minimal interruptions or distractions and a strong internet connection * A high level of judgment, analytical ability and creativity in investigating problems that require original and innovative solutions * Experience working a fast-paced, high-growth, rapidly changing work environments What You Get: * Join one of the most innovative healthcare technology companies in the country. * Have the autonomy to build something with an enthusiastically supportive team. * Learn from working at the highest levels and on the most strategic priorities of the company, including from world class investors and advisors. * Receive competitive compensation, including equity, with health, dental, vision and other benefits. Belonging at Bamboo We Care. #BambooHealthValuesCare Every human being has the right to the best possible healthcare. Our solutions enable healthcare professionals to see and treat every individual as a whole person by providing the right information, at the right time - regardless of physical, behavioral, or social barriers. We're a great place to work because we care. We continually seek to learn about our differences and ensure the unique identities and contributions of all employees are welcome, valued and celebrated. Our commitment to making a positive impact starts by recognizing and leveraging our differences, building inclusive teams, cultivating a sense of belonging, combating biases, and actively removing barriers to equity. Bamboo Health is proud to be an Equal Employment Opportunity and affirmative action employer. To protect our applicants from fraudulent recruitment activity, we recommend that all applicants verify the validity of an interview and hiring process by visiting our website www.bamboohealth.com. All valid job postings will be listed on our careers page. Bamboo Health does not conduct interviews via text and will not request sensitive information such as banking details during the application process. #LI-Remote