This position requires the employee to work onsite in Sheridan, Wyoming, USA. This position is not eligible for remote work or visa sponsorship.
ABOUT SHERIDAN MEMORIAL HOSPITAL
At Sheridan Memorial Hospital, we proudly rank in the top 13.6% of U.S. hospitals, recognized by the Centers for Medicare and Medicaid Services. With over 850 dedicated employees and 100+ expert providers across 25 specialties, we are committed to exceptional, patient-centered care. Set in northern Wyoming’s stunning Big Horn Mountain foothills, Sheridan offers outdoor adventure and community charm. Our hospital combines cutting-edge technology with a collaborative, innovative culture. Join a team that values your skills, fosters growth, and empowers you to impact lives meaningfully. Apply today and be part of Sheridan Memorial Hospital’s mission of excellence!
JOB SUMMARY
The Cybersecurity Analyst is responsible for protecting the confidentiality, integrity, and availability of the hospital's information systems, networks, and electronic protected health information (ePHI). This position monitors, analyzes, and responds to cybersecurity threats and vulnerabilities while ensuring compliance with HIPAA, Joint Commission, and other applicable regulatory requirements. The Cyber Security Analyst works closely with Information Technology, Clinical Informatics, Compliance, and operational departments to maintain a secure healthcare environment and support the organization's cybersecurity program.
Benefits Include:
- Medical, Dental, and Vision Insurance
- Low deductibles and out-of-pocket costs
- Coverage begins the month after you start.
- Tuition Assistance
- Available after one year of employment
- Retirement Match
- 6% match with full vesting after 3 years
- Generous PTO and Sick Time
- Employer-Paid Life Insurance
- Short-Term Disability Coverage
- Employee Assistance Program (EAP)
- Benefits and eligibility vary by position; exclusions may apply.
ESSENTIAL JOB FUNCTION
Security Operations
-
- Monitor security alerts and events generated by security tools including SIEM, endpoint protection, firewalls, intrusion prevention systems, email security platforms, and identity management solutions.
- Investigate and respond to cybersecurity incidents, suspicious activities, and potential breaches.
- Perform threat analysis and recommend corrective actions to mitigate risks.
- Coordinate incident response activities and participate in post-incident reviews.
- Maintain and improve cybersecurity monitoring and detection capabilities.
Vulnerability Management
-
- Conduct routine vulnerability assessments and security scans of servers, workstations, network devices, applications, and cloud services.
- Analyze vulnerability scan results and coordinate remediation efforts with technical teams.
- Track remediation progress and provide reporting to leadership.
- Assist with penetration testing and security assessments.
Risk Management & Compliance
-
- Support the organization's HIPAA Security Risk Assessment process and remediation activities.
- Ensure compliance with HIPAA, HITECH, CMS, Joint Commission, and organizational security policies.
- Assist in developing, maintaining, and enforcing cybersecurity policies, standards, and procedures.
- Participate in audits and provide cybersecurity documentation as requested.
Identity & Access Management
-
- Review and monitor privileged access accounts and administrative permissions.
- Assist with implementation and management of multifactor authentication (MFA) solutions.
- Support user access reviews and security controls related to identity management.
- Monitor for unauthorized access attempts and account compromise indicators.
Security Awareness
-
- Assist in developing and administering cybersecurity awareness and phishing education programs.
- Conduct security awareness training for hospital staff.
- Promote cybersecurity best practices throughout the organization.
Infrastructure Security
-
- Collaborate with IT staff to secure servers, endpoints, network infrastructure, cloud services, and healthcare applications.
- Review firewall, endpoint security, and system configurations for compliance with security standards.
- Evaluate new technologies and recommend security controls.
- Assist with secure implementation of clinical and business applications.
Reporting & Documentation
-
- Maintain detailed documentation of security incidents, investigations, and remediation efforts.
- Develop cybersecurity metrics, dashboards, and reports for leadership.
- Provide recommendations for continuous improvement of the cybersecurity program.
POSITION QUALIFICATIONS - Education, Experience & License
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, or related field required; equivalent combination of education and experience may be considered.
- Minimum of three (3) years of experience in information security, cybersecurity, network security, or systems administration preferred.
- Experience with vulnerability management, incident response, security monitoring, and risk assessment.
- Experience in a healthcare environment preferred.
- Experience supporting HIPAA compliance and healthcare security requirements preferred.
Certifications (Preferred)
- CompTIA Security+
- CompTIA CySA+
- ISC2 Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- GIAC Security Certifications
- Microsoft Security Certifications
- Cisco Security Certifications
Knowledge, Skills, and Abilities
- Strong understanding of cybersecurity frameworks such as NIST Cybersecurity Framework and CIS Controls.
- Knowledge of HIPAA Security Rule requirements and healthcare cybersecurity best practices.
- Familiarity with endpoint detection and response (EDR) platforms, SIEM solutions, firewalls, IDS/IPS, vulnerability management tools, and email security systems.
- Knowledge of Microsoft Active Directory, Azure/Entra ID, Microsoft 365 security, and cloud security principles.
- Ability to analyze complex technical issues and implement effective solutions.
- Strong written and verbal communication skills.
- Ability to manage multiple priorities in a fast-paced healthcare environment.
Additional Skills
- Ability to communicate in English; both verbally and in writing.
- Good communication skills.
- Excellent customer service skills.
- Knowledge of Word, Excel, PowerPoint and Access expected.
- Efficient use of MHSC help desk application is required.
Specific demands not listed: Possible exposure to blood and / or body fluids / infectious disease / hazardous waste requiring the use of Personal Protective Equipment. Exposure to odorous chemicals / specimens and Latex products. Pre-employment drug and alcohol screening is required.
Sheridan Memorial Hospital is an equal opportunity/Affirmative Action employer and gives consideration for employment to qualified applicants without regard to age, race, color, religion, sex, national origin, disability or protected veteran status. If you’d like more information about your EEO rights as an applicant under the law, please click here
Location: Sheridan Memorial Hospital · Information Systems and Informatics
Schedule: Full Time, Days, M-F 8-5