Cybersecurity Analyst

Who we are:

Johns Hopkins Health Plans (JHHP) is the managed care and health services business of Johns Hopkins Medicine. JHHP is a $3B business serving over 500,000 active members with lines of business in Medicaid, Medicare, commercial, military health, health solutions, and venture investments. JHHP is a leader in provider-sponsored health plans and is poised for future growth.

Many organizations talk about transforming the future of healthcare, at Johns Hopkins Health Plans, we are setting the pace for change within the healthcare industry. We develop innovative, analytics-driven health programs in collaboration with provider partners to drive improved quality and better health outcomes for our members and the communities we serve.

What awaits you:

• Work-life balance - This is a hybrid role-Hanover, MD. Must report on site at least quarterly. Applicants living in MD, DC, VA, PA, DE, or FL will be given first consideration.
• Medical, Dental, and Vision Insurance.
• 403B Savings Plan w/employer contribution.
• Paid Time off & Paid holidays.
• Health and wellness programs and MORE!

Position Summary:

The Cybersecurity Analyst is responsible for safeguarding, monitoring, and continuously advancing the organization’s security posture across complex hybrid environments, including Azure Government, AWS GovCloud, and on-premises data centers. This role serves as a hands-on security practitioner and technical leader, proactively defending enterprise systems against sophisticated and evolving cyber threats.

The Cybersecurity Analyst partners closely with Infrastructure, Network Engineering, and Cloud teams, but operates as a dedicated security authority—bringing advanced expertise in cybersecurity operations, threat detection, incident response, and vulnerability management. The role is accountable for identifying, analyzing, and mitigating risks across the enterprise, ensuring security is embedded into all systems and processes by design.

This position requires strong, practical experience in applying security frameworks such as NIST SP 800-171 and CMMC 2.0 within real-world environments. The Cybersecurity Analyst is expected to move beyond audit-driven compliance, enabling continuous monitoring, control validation, and operational resilience to maintain a constant state of audit readiness.

The role also demands deep familiarity with modern threat landscapes, attacker tactics, and defensive technologies. The Cybersecurity Analyst will actively contribute to security architecture, detection engineering, and incident response capabilities, while continuously improving security controls across cloud and on-prem platforms.

Experience needed:

• Minimum of 3–5 years of hands-on cybersecurity experience in a Security Operations, Threat Detection, Incident Response, or Vulnerability Management role
• Demonstrated experience securing cloud environments (Azure Government and/or AWS GovCloud)
• Proven experience with SIEM (e.g., Splunk), EDR, vulnerability management tools (e.g., Tenable), and network security technologies (e.g., Palo Alto)
• Strong working knowledge of NIST SP 800-171, CMMC 2.0, and continuous monitoring practices
• Experience conducting incident investigations, threat hunting, and root cause analysis
• Background in network engineering or system administration is preferred, but dedicated cybersecurity experience is required

Education:

• A 4 year college degree plus 2 years’ experience in a network or security-related position

OR

• an Associate’s degree plus 3 years’ experience in a security-related position

OR

• 4 years’ experience in a security-related position

OR

• current industry certification plus 2 years of experience in a network or security-related position

Required Licensure, Certification:

• Security + or CISSP strongly preferred

Salary Range: Minimum 30.08/hour - Maximum 52.65/hour. Compensation will be commensurate with equity and experience for roles of similar scope and responsibility.

In cases where the range is displayed as a $0 amount, salary discussions will occur during candidate screening calls, before any subsequent compensation discussion is held between the candidate and any hiring authority.

JHM prioritizes the health and well-being of every employee. Come be healthy at Hopkins!

Diversity and Inclusion are Johns Hopkins Medicine Core Values. We are committed to creating a welcoming and inclusive environment, where we embrace and celebrate our differences, where all employees feel valued, contribute to our mission of serving the community, and engage in equitable healthcare delivery and workforce practices.

Johns Hopkins Health System and its affiliates are drug-free workplace employers.