Cybersecurity Analyst

Johns Hopkins Medicine -
Hanover, MD

Quick Apply

Job Details

Full-time
1 day ago

Benefits

Paid holidays
Health insurance
Dental insurance
Paid time off
Vision insurance
403(b)

Qualifications

Incident investigation techniques for hazard identification
Endpoint Security
CMMC
Threat hunting activities
Vulnerability scanning implementation
Incident management
IT system monitoring
Public Cloud
Security compliance frameworks implementation
Endpoint Detection and Response (EDR)
Security data analysis
Information security compliance
Cloud security best practices implementation
Incident management operations support
Security threat response protocols
Log analysis tools
Regulatory Frameworks (Architecture security)
Cybersecurity investigations
Root cause analysis
Incident response implementation
Vuls
IT security monitoring

Full Job Description

Who we are:

Johns Hopkins Health Plans (JHHP) is the managed care and health services business of Johns Hopkins Medicine. JHHP is a $3B business serving over 500,000 active members with lines of business in Medicaid, Medicare, commercial, military health, health solutions, and venture investments. JHHP is a leader in provider-sponsored health plans and is poised for future growth.

Many organizations talk about transforming the future of healthcare, at Johns Hopkins Health Plans, we are setting the pace for change within the healthcare industry. We develop innovative, analytics-driven health programs in collaboration with provider partners to drive improved quality and better health outcomes for our members and the communities we serve.

What awaits you:

Work-life balance - This is a hybrid role-Hanover, MD. Must report on site at least quarterly. Applicants living in MD, DC, VA, PA, DE, or FL will be given first consideration.
Medical, Dental, and Vision Insurance.
403B Savings Plan w/employer contribution.
Paid Time off & Paid holidays.
Health and wellness programs and MORE!

Position Summary:

The Cybersecurity Analyst is responsible for safeguarding, monitoring, and continuously advancing the organization’s security posture across complex hybrid environments, including Azure Government, AWS GovCloud, and on-premises data centers. This role serves as a hands-on security practitioner and technical leader, proactively defending enterprise systems against sophisticated and evolving cyber threats.

The Cybersecurity Analyst partners closely with Infrastructure, Network Engineering, and Cloud teams, but operates as a dedicated security authority—bringing advanced expertise in cybersecurity operations, threat detection, incident response, and vulnerability management. The role is accountable for identifying, analyzing, and mitigating risks across the enterprise, ensuring security is embedded into all systems and processes by design.

This position requires strong, practical experience in applying security frameworks such as NIST SP 800-171 and CMMC 2.0 within real-world environments. The Cybersecurity Analyst is expected to move beyond audit-driven compliance, enabling continuous monitoring, control validation, and operational resilience to maintain a constant state of audit readiness.

The role also demands deep familiarity with modern threat landscapes, attacker tactics, and defensive technologies. The Cybersecurity Analyst will actively contribute to security architecture, detection engineering, and incident response capabilities, while continuously improving security controls across cloud and on-prem platforms.

Experience needed:

Minimum of 3–5 years of hands-on cybersecurity experience in a Security Operations, Threat Detection, Incident Response, or Vulnerability Management role
Demonstrated experience securing cloud environments (Azure Government and/or AWS GovCloud)
Proven experience with SIEM (e.g., Splunk), EDR, vulnerability management tools (e.g., Tenable), and network security technologies (e.g., Palo Alto)
Strong working knowledge of NIST SP 800-171, CMMC 2.0, and continuous monitoring practices
Experience conducting incident investigations, threat hunting, and root cause analysis
Background in network engineering or system administration is preferred, but dedicated cybersecurity experience is required

Education:

A 4 year college degree plus 2 years’ experience in a network or security-related position

an Associate’s degree plus 3 years’ experience in a security-related position

4 years’ experience in a security-related position

current industry certification plus 2 years of experience in a network or security-related position

Required Licensure, Certification:

Security + or CISSP strongly preferred

Salary Range: Minimum 30.08/hour - Maximum 52.65/hour. Compensation will be commensurate with equity and experience for roles of similar scope and responsibility.

In cases where the range is displayed as a $0 amount, salary discussions will occur during candidate screening calls, before any subsequent compensation discussion is held between the candidate and any hiring authority.

JHM prioritizes the health and well-being of every employee. Come be healthy at Hopkins!

Diversity and Inclusion are Johns Hopkins Medicine Core Values. We are committed to creating a welcoming and inclusive environment, where we embrace and celebrate our differences, where all employees feel valued, contribute to our mission of serving the community, and engage in equitable healthcare delivery and workforce practices.

Johns Hopkins Health System and its affiliates are drug-free workplace employers.

Quick Apply

Job Seeker Tools

Employer Tools

Browse

Stay Connected