Job Description

Sr Analyst, IS Security

Cancer care is all we do

Hope in healing

Cancer Treatment Centers of America® (CTCA), part of City of Hope, takes a unique and integrative approach to cancer care. Our patient-centered care model is founded on a commitment to personalized medicine, tailoring a combination of treatments to the needs of each individual patient. At the same time, we support patients’ quality of life by offering therapies designed to help them manage the side effects of treatment, addressing their physical, spiritual and emotional needs, so they are better able to stay on their treatment regimens and get back to life. At the core of our whole-person approach is what we call the Mother Standard® of care, so named because it requires that we treat our patients, and one another, like we would want our loved ones to be treated. This innovative approach has earned our hospitals a Best Place to Work distinction and numerous accreditations. Each of us has a stake in the successful outcomes of every patient we treat.

Job Description:

Hours: Mon - Fri, flexible business hours, w/call rotation

Job Overview

The Information Security Analyst is responsible for improving the overall security posture of CTCA. They evaluate, test and document security solutions and controls, and work closely with other information security team members to advise on risk remediation to enable the business to operate and innovate.

Information security analysts must continually adapt to stay a step ahead of cyber attackers and stay up to date on the latest methods attackers use to infiltrate computer systems. Analysts in this role are expected to continually learn and grow. This is not a passive career opportunity, but rather one that requires a passion for security and rigor to protect the business. Information security analysts collaborate with audit, assessment, and testing teams, along with technology management and business Stakeholders.  They track the progress of CTCA on the implementation of appropriate controls to meet business requirements.

Job Responsibilities

25% Participate in technical and non-technical projects requiring information security oversight and to ensure policies, procedures and standards are met.

15% Serve as a member of the information security, risk management, and change management teams. Serve as an additional security team member, aiding in incident response (IR) with the IR and security operations center (SOC) teams.

15% Serve as a liaison for the information security team.  Interface with auditor and assessors for risk assessments and business impact analysis. Perform other duties as assigned.

10% Implement technical systems and monitor them for unusual and suspicious activity across a wide range of products.

10% Assist with security configuration standards for systems and business applications.

10% Maintain vendor management standards, questionnaires, and documentation to evidence third party due diligence review and adhere to regulatory compliance.

10% Recommend new security solutions as well as effective improvements to existing security controls that do not negatively impact business innovation.

5% Review security policies and draft security procedures to be reviewed and approved by the Chief Information Security Officer (CISO).

Skills, Education, and Additional Information

  • Four-year university degree or college diploma in the field of Information Security, Computer Science, Information Systems, Information Assurance, or related field is required. 

  • 5+ years of information security experience (or combination of 5 years of IT system administration with security). Required.

  • Professional security management certification such as a ISC2’s CISSP, ISACA’s CISA, CRISC or CISM, SANS GSEC, GCIA or badge from winning a top CTF (capture the flag) contest. Required,

  • Expertise in incident response and system monitoring and analysis.

  • Experience in conducting risk assessments that protect the business and adhere with security, compliance, and privacy laws.

  • Knowledge of multiple computing platforms in the cloud and on premise, including Windows, OSX, Linux, Unix, networks, and endpoints.

  • Experience with vulnerability and penetration testing tools and engagements as well as change management.

  • Business related skills in communication including the ability to effectively communicate business risk as it relates to information security, and project management.

Experience, knowledge and understanding of relevant:

legal and regulatory requirements including HIPAA, HITECH, CMS, and PCI-DSS

standards and frameworks including ITIL and NIST

privacy and data protection practices including CCPA and GDPR,

Demonstrate the following key behaviors and competencies: highly organized and efficient, effective decision-making and problem-solving skills, as well as analytical, strategic, and tactical thinking, adaptability, business acumen, openness to learning including staying current with the evolving threat landscape

highly effective business and technical communications skills with the ability to develop strong working relationships and compromise, persuade and negotiate effectively.

highly trustworthy and leads by example, self-motivated with ability to prioritize multiple objectives working calmly under pressure with tight deadlines and the ability to work independently with little to no oversight.

Pay Range

$85,309.53 - $140,431.20

Placement within the identified pay range is based on individual and market factors including, but not limited to, experience, education, credentials (including licenses and certifications), geographic location, market competition, skill set (including market availability of required skills), assigned/anticipated job tasks, and level of responsibility.  These factors are considered without regard to an individual’s status as a member of any protect group pursuant to federal, state, and/or local law.

We win together

Each CTCA employee is a Stakeholder, driven to make a true difference and help win the fight against cancer. Each day is a challenge, but this unique experience comes with rewards that you may never have thought possible. To ensure each team member brings his or her best self, we offer exceptional support and immersive training to encourage your personal and professional growth. If you’re ready to be part of something bigger and work with a passionate, dynamic group of care professionals, we invite you to join us. 

Visit: to begin your journey.

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online