Security Analyst
Posted 2026-06-26Metro Vein Centers is a rapidly growing healthcare practice specializing in state-of-the-art vein treatments. Our board-certified physicians and expert staff are on a mission to improve people’s quality of life by relieving the painful, yet highly treatable symptoms of vein disease—such as varicose veins and heavy, aching legs.
With over 70 clinics across 8 states, and still growing, we’re building the future of vein care—delivering compassionate, results-driven care in a modern, patient-first environment.
We proudly maintain a Net Promoter Score (NPS) of 93, the highest patient satisfaction in the industry.
About the Role
Metro Vein Centers is hiring a Security Analyst to own and mature our information security program across a 70+ clinic, cloud-first healthcare environment. This is a newly created role that reflects our commitment to proactive security, HIPAA compliance, and a zero trust approach to identity and access management.
You will be responsible for day-to-day security operations, including alert monitoring, access reviews, endpoint security, email security, MDM policy enforcement, MFA administration, phishing simulation programs, and more. The ideal candidate is both technically proficient and operationally focused, with the ability to drive security initiatives while partnering with clinical and corporate teams.
What You'll Do
Monitor security alerts and events across the environment; investigate, triage, and respond to incidents in a timely manner
Administer and maintain Google Workspace security controls, including DLP policies, Gmail security settings, Drive sharing policies, and audit log review
Manage endpoint detection and response operations
Oversee device compliance policies, conditional access rules, and endpoint security baselines
Administer and enforce MFA policies and password complexity standards across all user populations
Conduct quarterly role-based access audits across critical systems including Athena, Luma, Google Workspace, and BigQuery
Own and maintain least-privilege access model across enterprise applications and identity platforms
Manage email security controls including phishing protection, spam filtering, and DMARC/DKIM configuration
Design and execute phishing simulation campaigns; deliver user security awareness training
Support HIPAA security compliance, including contributing to risk assessments, policy updates, and audit readiness
Assist with identity and access management (IAM) administration, including SSO, Google Identity
Collaborate with the network team on ZTNA policy enforcement and Zscaler security configurations
Contribute to incident response plans, disaster recovery documentation, and security runbooks
Track and report on key security KPIs including MFA adoption, device compliance rates, open vulnerabilities, and audit findings
Other related security duties as assigned
Occasional travel for critical issues or growth
Being on call rotation
What You'll Bring
3–5 years of experience in an information security, security analyst, or IT security operations role
Hands-on experience administering Google Workspace security features (admin console, audit logs, DLP, OAuth app controls)
Experience with endpoint security platforms; CrowdStrike Falcon preferred, Microsoft Defender for Endpoint also considered
Familiarity with Microsoft security products including Intune, Microsoft Defender, and Entra ID
Solid understanding of identity and access management concepts: SSO, MFA, RBAC, least privilege
Experience conducting access reviews, user provisioning audits, and policy enforcement
Working knowledge of email security protocols (SPF, DKIM, DMARC) and email threat landscape
Strong analytical skills with the ability to investigate alerts and identify indicators of compromise
Excellent written and verbal communication skills; ability to explain security concepts to non-technical users
Familiarity with HIPAA Security Rule requirements and healthcare data protection obligations
Preferred Skills
CrowdStrike certification (CCFA, CCFH, or equivalent) preferred
Microsoft security certifications (SC-200, MS-500, or equivalent) a strong plus
Experience with Zscaler ZIA security policy management or cloud-native security platforms
Familiarity with SIEM platforms and log management tools
Experience running security awareness programs and phishing simulations (KnowBe4, Proofpoint, or similar)
Prior experience in healthcare IT security or compliance roles
Knowledge of NIST CSF or CIS Controls frameworks
Benefits to Support Your Wellbeing & Lifestyle
Full-time team members at Metro Vein Centers are eligible for:
Medical, Dental, and Vision Insurance
401(k) with Company Match
Generous Paid Time Off (PTO) + Paid Company Holidays
Company-Paid Life Insurance
Short-Term & Long-Term Disability Insurance
Employee Assistance Program (EAP)
Career Growth & Development Opportunities
A collaborative, mission-driven culture focused on delivering exceptional patient care
Compensation for this role varies based on years of experience, skill set, and alignment with position requirements.
Compensation:
$75,000—$85,000 USD
The Metro Vein Centers Difference
Healthy legs. Happier lives.
At Metro Vein Centers, we believe exceptional care begins with an exceptional experience. Our mission is to make vein care approachable, empowering, and connected to overall well-being. From the first conversation to the final follow-up, every patient interaction reflects our commitment to compassion, expertise, and trust.
A team united by purpose.
Our values guide everything we do:
Patients First, Always – Every interaction should make our patients feel valued, heard, and cared for.
Stronger Together – Teamwork and collaboration drive our success. We lift each other up to deliver the best for our patients.
A Can-Do Spirit – We meet every challenge with positivity, flexibility, and problem-solving energy.
Results That Make a Difference – We’re driven to improve lives through meaningful, measurable outcomes.
Commitment to Growth – We invest in our people, fostering advancement and professional development at every level.
Metro Vein Centers is an Equal Opportunity Employer.
We’re committed to creating a workplace where everyone feels seen, heard, and supported. We do not discriminate based on race, color, religion, sex, national origin, age, disability, genetics, gender identity or expression, sexual orientation, veteran status, or any other protected status in accordance with applicable federal, state, and local laws. This policy applies to all aspects of employment, including recruitment, hiring, promotion, compensation, benefits, and termination.
Legal & Compliance Notice:
Metro Vein Centers complies with all applicable federal, state, and local employment laws, including those related to nondiscrimination, equal opportunity, and pay transparency. Where specific disclosures or postings are required by law, we provide this information as part of our hiring process or upon request.
Your privacy matters.
To learn more about how we collect, use, and protect your information, please review our privacy policy here.