Security Analyst - SaaS

Founded in 1995, Vastian is the leading provider of healthcare and laboratory quality, compliance and accreditation solutions, powering laboratories and hospitals to achieve better clarity and show their higher standards. Its single, configurable integrated platform delivers a standardized, centralized solution that automates quality and compliance tasks and is fully customizable. With Vastian, health systems and labs can get ahead of compliance and quality processes, saving time that can be spent on delivering better care. Vastian is a private equity backed, fast-growing SaaS business based in Lawrenceville, GA, outside Atlanta.

Click here to learn more about Vastian and our suite of solutions.

In addition to a competitive base salary and performance bonus program, Vastian offers a comprehensive and very pro-employee benefits package which includes the following:

• Medical, dental and vision insurance
• Short- and long-term disability coverage
• Life insurance and AD&D
• Supplemental life insurance
• 401(k) savings plan
• Paid time off

#LI-Remote

We are seeking a proactive and skilled Security Analyst to join our team and support our continued growth. This position will be involved in activities across the business to maintain our security posture and compliance with standards such as HIPAA, FedRAMP and SOC 2. The individual will have a strong technical background, ideally in SaaS, and experience in vulnerability management, security and compliance documentation, continuous monitoring and security and awareness training.

Responsibilities and Duties:

• Vulnerability Management: Conduct regular scanning and penetration testing, analyze and prioritize vulnerabilities, collaborate on remediation, and report on status.
• Documentation & Policy Management: Develop and maintain security policies, standards, and procedures, ensuring accuracy and compliance.
• Continuous Monitoring: Participate in and improve continuous monitoring activities.
• Audit Management & Compliance: Support internal/external audits, coordinate with auditors, manage findings, and maintain compliance (FedRAMP, SOC 2)
• Client Security Assurance: Act as a primary point of contact for client security questionnaires, RFPs, and due diligence requests.
• Security Training & Awareness: Assist in developing and delivering security awareness programs and promoting a strong security culture.

• Third-Party Risk Management (TPRM): Assist in security assessments and review vendor security.
• Cloud Security Operations: Monitor cloud security configurations, identify misconfigurations, and support the implementation of cloud security tools.

Qualifications:

• BS degree in a technical field.
• 3+ years of experience in Information Security, ideally in a cloud hosted SaaS environment

• Knowledge of Microsoft Azure tools for security and compliance management such as Sentinel and Defender for Cloud
• Experience in vulnerability management and related tools (e.g. Qualys)
• Solid understanding of common security frameworks and standards (NIST, SOC 2, FedRAMP, HIPAA).
• Excellent technical writing skills as well as interpersonal skills.
• Strong organizational and communication skills
• Ability to prioritize quickly in a fast-paced environment.

Vastian is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, national origin, pregnancy status, sex, age, marital status, disability, sexual orientation, gender identity or any other characteristics protected by law.