Curi is a full-service advisory firm that serves physicians and medical practices. Equal parts fierce physician advocates, smart business leaders, and thoughtful partners, Curi's advisory, capital, and insurance offerings deliver valued advice that is grounded in client priorities and elevated by their outcomes. From data-driven advisory services to private wealth offerings, to tailored medical malpractice insurance solutions and beyond, we deliver performance that is time-tested and trusted-in medicine, business, and life.

We are seeking a motivated and detail-oriented individual to join our growing Security Team as an Information Security Analyst. In this role, you will play a vital part in safeguarding our company's data and IT infrastructure by assisting senior team members with a variety of security tasks.

KEY RESULT AREAS:

1. Assist in monitoring and analyzing security alerts and incidents.
2. Participate in vulnerability assessment and management
3. Support the implementation and management of security controls and technologies.
4. Collaborate with cross-functional teams to ensure compliance with security policies and procedures.

Assist in monitoring and analyzing security alerts and incidents

• Monitor security alerts from various sources, such as SIEM systems, intrusion detection systems and antivirus tools.
• Analyze security events and incidents to determine their impact and severity.

Participate in vulnerability assessment and management

• Conduct vulnerability scans and assessments on network infrastructure, systems, and applications.
• Assist in prioritizing and remediating identified vulnerabilities based on risk assessment.
• Maintain documentation related to vulnerability management process and findings.

Support the implementation and management of security controls and technologies

• Maintain documentation related to vulnerability management process and findings.
• Assist in the implementation and configuration of security controls, including firewalls, intrusion detection prevention systems, and endpoint security solutions.
• Participate in the deployment and management of security technologies such as multi-factor authentication and data encryption.

Collaborate with cross-functional teams to ensure compliance with security policies and procedures

• Contribute to the development and enforcement of security policies and standards.
• Work closely with IT and business teams to ensure security requirements are integrated into new projects and initiatives.
• Assist in security awareness training for employees, ensuring they are aware of security policies and best practices.
• Support compliance efforts with industry regulations and standards, such as NIST, CIS benchmarks, GDPR, and HIPAA.
• Stay up to date with emerging threats, vulnerabilities, and security technologies through training and self-study.
• Collaborate with cross-functional teams to address security-related concerns and implement security controls.
• Provide support to the cyber security team as needed, including administrative tasks and project coordination.

• Familiarity with common security tools and technologies, such as firewalls, antivirus software, and intrusion detection/prevention systems.
• Basic understanding of cyber security principles, concepts, and best practices.
• Strong analytical and problem-solving skills, with the ability to analyze and interpret security data.
• Excellent communication and people skills, with the ability to collaborate effectively with team members and stakeholders.
• Ability to work well under pressure and prioritize tasks in a fast-paced environment.
• Eagerness to learn and develop new skills in the field of cyber security.

• 2-4 years working in Information Technology preferred.
• Bachelor's Degree in a related business or technical discipline or the equivalent combination of education, technical training, or work/military experience in lieu of a degree.
• Cybersecurity certificates (CompTIA, Security +, CEH, Network+) preferred.