Information Security Analyst

Location: Remote/Virtual

Req #200404

The Security Operations team uses cutting-edge security technology to collect and analyze thousands of data points per day, to protect millions of users’ sensitive information. Our team has broad responsibility for information security, application security, security monitoring, and incident response across Castlight Health. We are motivated and proactive individuals woven into a collaborative business where teamwork and flexibility are critical to our success.

We are looking for an Information Security Analyst to bring fresh perspectives in all areas of security, including information retrieval, alert correlation automation, network and application penetration testing, as well as malware analysis. You will work closely with IT teams, data center operations personnel, and external business partners. You will play a key role in analyzing potential threats, as well as managing security tools and projects that align with Castlight Health's security strategy.


  •  Manage and mature security tools for configuration, automation, SIEM integration, and availability
  • Leverage tools to identify application and network vulnerabilities.
  • Work with developers on code fixes
  • Coordinate cross-functional projects with Security team members
  • Assist with customer security requests and coordinate customer security audits
  • Assess vendors against security requirements and execute periodic vendor security reviews
  • Collect, review, analyze, and verify the design and effectiveness of technical security controls based on internal policy, compliance frameworks, and client expectations


  •  3 years of experience in information security, network security, application security, and/or IT audit/compliance
  • BA/BS in Computer Science, Information Systems, or equivalent degree
  • CISA/CISM/CISSP or other relevant certification desired
  • Must be action and results oriented, with excellent communication and presentation skills, and have the ability to present ideas in a collaborative team setting and in a user-friendly language
  • General business skills and an aptitude for critical thinking and intellectual curiosity.
  • Great attitude, independent, and takes ownership of all tasks from start to end.

Required Skills

  •  Technical understanding of Internet Protocol, distributed systems, and cloud architectures
  • Experience of information security tools/systems: SIEM, DLP, IDS/IPS, etc.
  • Unix and Bash
  • Must be comfortable in a fast-paced, demanding, and dynamic work environment
  • Experience with one or more of the following Information Security frameworks and standards: ISO/IEC 27000-series, SSAE16, SOC1/2, HITRUST, and rules/regulations related to privacy and data confidentiality (e.g. Privacy Shield, GDPR).


Up to 10% travel that may include international locations


Our Values

One team. On a mission. Making things happen.

Diversity and Inclusion

The Castlight culture values and celebrates different backgrounds, perspectives, and points of view. We believe our diversity helps drive creativity and innovation. We strive to make everyone feel included, valued, and engaged; enable them to do their best work; and build their careers here at Castlight. That is why diversity and inclusion are more than just words to us. Rather, they are a commitment to a culture where employees feel respected and empowered to share their ideas and deliver the best results.

Learn more about our continuing commitment to diversity and inclusion.

About Castlight

Castlight is on a mission to make it as easy as humanly possible to navigate healthcare and live happier, healthier, more productive lives. Our health navigation platform connects with hundreds of health vendors, benefits resources, and plan designs, giving rise to the world’s first comprehensive app for all health needs. We guide individuals—based on their unique profile—to the best resources available to them, whether they are healthy, chronically ill, or actively seeking medical care. In doing so, we help companies regain control over rising healthcare costs and get more value from their benefits investments. Castlight revolutionized the healthcare sector with the introduction of data-driven price transparency tools in 2008 and the first consumer-grade wellbeing platform in 2012. Today, Castlight serves as the health navigation platform for millions of people and is a trusted partner to many of the largest employers in the world. We are headquartered in San Francisco, and can be found online at and on the New York Stock Exchange as CSLT.

Castlight Health provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Castlight Health will provide reasonable accommodations for qualified individuals with disabilities.

Castlight Health does not accept unsolicited assistance from recruitment search firms for employment opportunities. All resumes submitted by search firms to any employee at Castlight Health via email, the Internet or in any form and/or method without a signed search agreement on Castlight’s form in place ahead of time will be deemed the sole property of Castlight Health. In such cases, no fee will be paid or payable in the event the candidate is hired by Castlight as a result of the submission.