Direct Placement Title: Information Security Analyst Compensation: $55,000 + Comprehensive Benefits Package Location: San Juan, Puerto Rico Company Description: Our client is a premier healthcare information technology company based in Puerto Rico, with a branch in Charlotte, North Carolina. They are primarily a healthcare clearinghouse, which means they act as an intermediary for the electronic exchange of healthcare information, particularly medical claims, between providers, hospitals, health plans, and patients. They're dedicated to leveraging technology to optimize healthcare delivery, ensuring compliance with strict industry regulations like HIPAA, CMS, and ONC, and maintaining robust data security with HITRUST Risk-based, 2-year Certification. Position Description: RCM is looking for a dedicated and proactive Information Security Analyst to join our client's growing team. In this role, you'll play a crucial part in protecting our sensitive healthcare data and systems by monitoring security events, responding to incidents, and contributing to the overall security posture of our organization. Responsibilities: + Monitor and Respond: Proactively monitor security dashboards and Security Information and Event Management (SIEM) systems for alerts, anomalies, and suspicious activities. You'll also assist in incident response efforts and security investigations to mitigate threats promptly. + Security Operations: Maintain and manage essential security tools, including antivirus and endpoint detection and response (EDR) solutions (e.g., Sophos). You'll also monitor and review configurations and alerts from key security platforms such as firewalls and email security solutions. + Vulnerability Management: Support vulnerability scanning, track patch deployments, and assist in remediation efforts to minimize security gaps. + Security Awareness & Training: Coordinate phishing simulation campaigns and help deliver engaging security awareness training to our employees, fostering a security-conscious culture. + Access Control & Hardening: Help manage user access controls, enforce least privilege practices, verify system hardening standards and secure configurations across endpoints and servers. + Policy & Compliance: Assist in the maintenance and updating of cybersecurity policies, procedures, and documentation. You'll also participate in internal audits to ensure alignment with critical regulatory compliance frameworks like HIPAA, HITRUST, and SOC2. + Collaboration & Support: Work closely with the IT team to support the secure onboarding and offboarding of users and assist with configuration change tracking. Qualifications: + Technical Fundamentals: Working knowledge of Windows Server, Active Directory, and fundamental network concepts. + Cybersecurity Tool Familiarity: Interest or experience with security tools like SIEM, WAF, EDR, and antivirus solutions, with exposure to cloud platforms (Azure/AWS) preferred. + Cybersecurity Principles: Solid understanding of security best practices, incident handling, endpoint security, and vulnerability management principles. + Analytical & Problem-Solving Skills: Strong attention to detail, excellent problem-solving skills, and the ability to analyze data, identify trends, and develop effective action plans. + Communication Skills: Good written and verbal communication skills, with a strong preference for full bilingual proficiency in English and Spanish. + Teamwork & Proactivity: Willingness to learn, ability to collaborate effectively in a team-oriented environment, and a proactive, structured approach. + Organizational & Time Management: Ability to manage multiple priorities and meet deadlines effectively. + Software Proficiency: Proficient in Microsoft Office Suite, particularly Excel for data analysis and reporting. Education and Certifications + Associate or bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. + 1–2 years of professional experience in IT support or cybersecurity operations. + Industry Certifications: Certifications such as CompTIA Network+, Security+, or + Microsoft Security Fundamentals are a significant plus. Working Conditions + Environment: Primarily an office-based working environment. + Hours: Occasional extended hours and weekend work may be required to complete special projects and reports. Physical Demands + Sedentary Role: Approximately 90% of working time involves sitting at a desk and working on a computer; 5% standing and 5% walking. + Communication: Regular use of a headset for talking or listening is required. + Lifting: The role requires no strength for lifting, moving, pulling, or pushing objects. Mental and Visual Attention Demand + High visual and mental concentration is required due to the nature of compliance work, audit detail reviews, policy interpretation, and risk documentation. Benefits: + Health and life insurance, 401K savings plan, Short-term disability, vacation and sick leave, paid holidays, professional development and career growth. Equal Opportunity Statement: RCM is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Pay Transparency: RCM believes in transparency and fairness in compensation. We are committed to providing our employees with competitive salaries that reflect their skills, experience, and contributions to our organization. As part of our commitment to pay transparency, we want to provide you with as much information as possible about our compensation practices. Disclaimer: This job posting is intended to describe the general nature and the level of the work to be performed. It is not intended to include every job duty and responsibility specific to the position. RCM reserves the right to amend and change responsibilities to meet business and organizational needs as necessary. About RCM: RCM is a leading provider of Business, IT, and Engineering Services to over 1,000 clients in the commercial marketplace. RCM partners with clients to define, implement and manage a broad range of technologies across multiple platforms, systems, and networks. Our broad geographic presence ensures that a proven and reliable tactical and strategic capability is available and deployable virtually everywhere in North America.