Cyber Security Analyst

Join to apply for the Cyber Security Analyst role at Millennium Physician Group.

Mosaic Health is a national care delivery platform focused on expanding access to comprehensive primary care for consumers with coverage across Commercial, Individual Exchange, Medicare, and Medicaid health plans.

The Business Units which comprise Mosaic Health are multi-payer and serve nearly one million consumers across 19 states, providing them with access to high quality primary care, integrated care teams, personalized navigation, expanded digital access, and specialized services for higher-need populations. Through Mosaic Health, health plans and employers have a stronger care provider partner that delivers affordability and superior experiences for their members and employees, including value-based primary care capacity integrated with digital patient engagement and navigation. Each of the companies within Mosaic Health provides unique offerings that together aim to improve individuals' health and wellbeing, while helping care providers deliver higher quality care. For more information, please visit www.mosaichealth.com or follow Mosaic Health on LinkedIn.

Formed in 2008 and headquartered in Fort Myers, Florida, with offices in Florida, North Carolina, and Texas, Millennium Healthcare is the largest independent physician group in Florida and one of the largest in the United States. At Millennium Physician Group, our employees are the foundation of our success. We promise to provide you with the tools to do your job successfully, as well as a team atmosphere that empowers you to seek better ways to deliver care to our patients and their families. We also promise to care for you as an individual and help you grow in your role.

The Cyber Security Analyst will support all business units within Mosaic Health and is responsible for ensuring the security, integrity, and confidentiality of the organization's data, systems, and networks. Reporting to the Cyber Security Manager (or equivalent), this role plays a critical part in protecting against cyber threats, identifying vulnerabilities, and implementing security measures across the organization. The Cyber Security Analyst will work closely with IT, compliance, and other business units to maintain a proactive and reactive security posture, ensuring regulatory compliance and best practices in information security. This role requires knowledge of network security, incident response, risk management, and threat intelligence, and is essential to ensuring that systems and data are protected from cyber-attacks and unauthorized access.

• Monitor and analyze security alerts from various sources (e.g., SIEM tools, firewalls, IDS/IPS) to detect potential security breaches and threats.
• Perform regular security assessments and vulnerability scans on networks, systems, and applications to identify weaknesses and recommend improvements.
• Respond to security incidents, investigating and mitigating threats, ensuring timely resolution, and documenting incidents as per the incident response plan.
• Maintain and improve firewall rules, endpoint protection, intrusion detection systems (IDS/IPS), and access controls to safeguard systems from attacks.
• Ensure that security policies, procedures, and best practices are followed, working to continually improve the organization's security posture.
• Collaborate with internal teams (IT, network, systems, and development) to implement security measures aligned with business objectives and compliance requirements.
• Conduct risk assessments to identify vulnerabilities in the organization's IT infrastructure, providing mitigation recommendations.
• Perform penetration testing and vulnerability assessments to simulate attacks and evaluate system security.
• Ensure data encryption, multi-factor authentication, and data backup strategies are effectively implemented across the organization.
• Support regulatory compliance efforts, ensuring adherence to HIPAA, PCI-DSS, GDPR, and other relevant standards.
• Develop, update, and test security incident response plans to prepare the organization for cybersecurity incidents.
• Monitor third-party vendor risks and ensure security measures are in place for vendor-managed systems.
• Stay updated on cyber threats, vulnerabilities, and trends, recommending risk mitigation strategies.
• Assist in security training and awareness programs to promote a security-conscious culture.
• Demonstrate excellent guest service to internal team members and patients.
• Perform other related duties as assigned.

• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or related field.
• 2+ years of experience in cybersecurity, IT security, or related roles.
• Strong knowledge of network security, firewall management, IDS/IPS, and SIEM tools.
• Experience with endpoint security, antivirus, and DLP systems.
• Familiarity with cloud security frameworks (AWS, Azure, GCP) and cloud security practices.
• Hands-on experience with penetration testing, vulnerability assessments, and security audits.
• Knowledge of regulatory standards such as HIPAA, GDPR, PCI-DSS, and NIST frameworks.
• Proficient in risk management, risk mitigation, and vulnerability assessment.
• Excellent communication skills to explain security concepts to technical and non-technical stakeholders.
• Certifications preferred: CISSP, CEH, Security+, CISM, or similar.
• Ability to work independently in a fast-paced, cross-functional environment.
• High professionalism and integrity.

• Sedentary work with occasional lifting up to 15 lbs. and negligible exertion.
• Repetitive motions involving wrists, hands, and fingers; close visual acuity required.

• Mosaic Health is an EEO employer. All qualified applicants will receive consideration without regard to protected statuses.
• Accommodation requests for application or interview process should be directed to HRbenefits@mpgus.com.