Company Overview
At Allia Health Group, the umbrella organization for Southend Pharmacy, Brello Health, and Woven, we don’t just follow industry trends—we redefine them. Our mission is to commoditize anti-aging solutions, making them affordable and accessible to the average consumer—not just the wealthy. By offering customized and cost-effective wellness products that follow cost-containment models, we aim to improve people’s quality of life and meet them wherever they are on their health journey.
Job Summary
Allia Health Group is seeking a dedicated and detail-oriented Security Operations Analyst. This position plays a critical role in building our security monitoring capability from scratch on GCP, then running it. Within your first quarter, we’ll have a working SIEM with alerts routing to the right people. Within six months, we’ll have documented incident response for the ten most likely scenarios. By Q4, we can show auditors a log of real events investigated and closed.
Key Responsibilities
● Design and implement SIEM on GCP: Cloud Logging, Log Analytics, Security Command Center alert routing, and
integration with third-party tooling
● Write and tune detection rules for the most critical threat scenarios (privileged access abuse, data exfiltration,
unauthorized PHI access, configuration drift)
● Build and own the Incident Response plan: playbooks, escalation paths, communication templates, post-incident
review process
● Own the HIPAA breach detection and notification process — maintain the 72-hour response capability and
document all investigations
● Conduct regular threat hunting exercises against GCP logs and workloads
● Manage vulnerability scan results from the DevSecOps pipeline: triage, prioritize, track remediation SLAs
● Feed incident and alert data into Data as continuous monitoring evidence for SOC 2
● Produce monthly security operations metrics for the Head and quarterly summaries for leadership
What We Require
● 2+ years in a Security Operations, SOC Analyst, or Incident Response role
● Hands-on SIEM experience — Google Chronicle, Splunk, Microsoft Sentinel, or similar
● Experience writing detection rules and alert logic (correlation rules, threshold alerts)
● Practical knowledge of incident response methodologies (SANS, NIST SP 800-61)
● Familiarity with HIPAA breach notification requirements (§164.400–414)
● Understanding of cloud-native security tooling, ideally GCP Security Command Center
● Ability to produce clear, auditor-facing incident reports and investigation records
Preferred Requirement
● CompTIA Security+, CySA+, or equivalent certification
● Experience with GCP-native logging (Cloud Audit Logs, VPC Flow Logs, Cloud IDS)
● Background in health-tech or handling PHI/PII data
● Experience with SOAR platforms (Splunk SOAR, Google SOAR, Palo Alto XSOAR)
● Familiarity with threat intelligence feeds and their integration into detection rules
● Prior exposure to SOC 2 security monitoring control requirements
What We Offer
Full benefits package including medical, vision, dental, 401(k) with company match, PTO, Flex days, holidays, and more!
Allia Health Group does not provide employment visa sponsorship now or in the future. Applicants must be legally authorized to work in the United States without the need for current or future sponsorship.
Equal Opportunity Employer Statement
Allia Health Group is proud to be an Equal Opportunity Employer where we are committed to fostering a diverse and inclusive workplace. We are committed to cultivating a culture where all team members feel valued & respected. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity or expression, sexual orientation, national origin, genetic information, disability, age, veteran status, or any other characteristics protected by applicable law.
If you have any questions or require immediate assistance or accommodations during the application or interview process, please contact us at [email protected].