Before you apply: Here is an interview Q&A for you: Click here

NOTE: Here is why some companies may not hire you.

Hey!!  Update Your CV Like a Pro. HERE are Tips from an Experienced Recruiter

Information Security Analyst at Evio, Remote (United States)

Evio is seeking a proactive and detail-oriented Information Security Analyst to help protect our systems, data, and infrastructure across a regulated health care environment. This role plays an important part in strengthening and maturing our security program while enabling secure, efficient business operations.

You will execute and improve security controls, manage user and privileged access, run monitoring and response activities, and coordinate recurring program work driven by Evio’s Cybersecurity Calendar. You’ll work cross-functionally with teammates across IT, Legal, Compliance, and business teams.

This is a hands-on role with broad visibility, where you’ll help shape how security operates at Evio.

What you’ll do

Identity & access control / user lifecycle

• Own and execute user access management, including provisioning and deprovisioning across AWS, O365, HRIS, SaaS platforms, and databases).
• Implement and maintain least-privilege RBAC, access control matrices, and entitlement catalogs.
• Administer identity and access systems, including IdP/SSO integrations (SAML, OAuth) and SCIM provisioning.
• Enforce privileged access management (PAM), multi-factor authentication (MFA_, separation of duties, and key/secret rotation.
• Conduct recurring access reviews (quarterly and annual) across systems.
• Maintain provisioning workflows and track SLA performance for onboarding/offboarding.

Security operations & monitoring

• Monitor, triage, and investigate security alerts.
• Support incident response activities.
• Perform audit trail and log reviews (SIEM, CloudTrail, O365 logs) and track remediation.

Program, compliance, and third-party risk

• Support SOC 2, HIPAA, and HITRUST audits, including evidence collection and remediation tracking.
• Maintain and update security policies, standards, and procedures.
• Partner with Legal, Compliance, and IT teams to strengthen controls and resolve findings.
• Lead third-party risk assessments and vendor security reviews, particularly for partners handling sensitive data (PHI/PII).

Recurring cybersecurity program activities

• Execute activities from Evio’s Cybersecurity Calendar including access reviews, audit log reviews, annual SaaS access reviews, device management reviews, BC/DR and incident response testing, phishing campaigns, and third-party risk assessments.

Awareness, reporting, and continuous improvement

• Run phishing simulations and track awareness metrics.
• Support and improve teammate security awareness and training programs.
• Maintain the enterprise risk register and track remediation progress.
• Report on security KPIs and risk trends
• Identify automation opportunities to improve efficiency and reduce manual effort.

Your skills and experience

• 3+ years of experience in information security, risk, or compliance.
• Experience in regulated environments (health care preferred).
• Familiarity with frameworks such as HIPAA, SOC 2, HITRUST, or NIST.
• Experience with cloud and SaaS security environments (AWS, O365).
• Strong analytical skills and the ability to clearly communicate risk.
• Relevant certifications (Security+, CISSP, CISM, CISA) are a plus.
• Excitement for continuing to mature and strengthen an established security program.
• Someone who takes initiative, unearths problems, and leads with solutions.
• Bring energy and creativity to inspire adoption of cybersecurity best practices

Additional / Preferred

• Hands-on experience with IAM, IdP, SSO, SCIM, and privileged access management tools.
• Experience with SIEM platforms, log analysis, and vulnerability management tools.
• Scripting or automation experience (Python, PowerShell, or similar).
• Experience supporting audits (SOC 2, HIPAA, HITRUST) and preparing evidence.
• Experience working with healthcare data and protecting PHI is strongly preferred.

Compensation: $100,000 – $115,000 plus additional variable compensation based on performance.

At Evio, we’re committed to building a competitive compensation package to honor the value our teammates bring as well as attract and retain top talent that is aligned with our culture, mission, and values. Compensation includes base pay (range shown) and could include other variable compensation opportunities depending on job seniority, location, and date of hire.

Evio Benefits

• Great Health Insurance
• The company pays 100% of medical, dental, and vision premiums for teammates, and 50% for dependents.
• 401K Match
• Evio matches 100% of teammate contribution up to 5% of salary, subject to IRS limits.
• Time Off
• We have a flexible vacation policy for teammates to unplug and recharge when you need it.
• Parental Leave
• Generous paid leave for new parents (includes birth and non-birth parents).
• Evio values a diverse workplace and is committed to supporting and celebrating the diversity that each teammate brings to the table.

Notice

We’ve recently learned of fraudulent job postings and individuals falsely claiming to represent Evio.

• All official communication will come from an email ending in @evio.com.
• We will never conduct text-only interviews.
• We will never ask for payment, gift cards, or financial information.
• Our roles are posted only on our official website, LinkedIn, and Greenhouse.
• If you believe you’ve encountered a scam, please report it to the appropriate authorities.

Thank you for helping keep our community safe.