Security Analyst
Security Analyst
First Health Advisory
United States
See who First Health Advisory has hired for this role
The Security Analyst will be responsible for assessing present information security controls and recommend additions or modifications where appropriate to increase defensive posture for First Health clients. As a Security Analyst you will play an advisory role to First Health clients in security program development or capability implementation projects. Primary responsibilities are understanding client business environment, assessing client security requirements and current implementation of security controls, executing security project tasks, and participating in risk management and assessment activities.
Responsibilities
- Provide industry-specific expertise and guidance to clients
- Brainstorm strategies for client security program growth, positive change, and improvement
- Solve problems through helpful recommendations and practical suggestions
- Additional responsibilities and duties as assigned
Duties
- Assist in building out the GRC framework and governance model needed to develop and support the enterprise-wide risk identification, assessment, taxonomy, quantification, remediation, and reporting processes.
- Develop and maintain information security and IT risk register to track identified risks, risk decisions and related action plans.
- Develop and maintain appropriate processes, tools, and metrics to efficiently manage and communicate information security and IT risk.
- Reviews risk status with senior leadership on a regular basis.
- Collaborate to define IT security standards and develop supporting organizational policies.
- Support and coordinate procedures and controls that assure compliance with all applicable regulatory and legal requirements, as well as good business practices.
- Perform security and compliance assessments on new and existing systems, processes, technology.
- Performs third-party supplier risk assessments to ensure supply chain risk is managed throughout the supplier's lifecycle. Assesses and reports on the risks and benefits for the business as well as mandates for supplier compliance.
- Articulates results of final assessments to business stakeholders, project sponsors, program managers, and other internal parties.
- Contributes to maintenance and information gathering for inventory of relevant suppliers/vendors and related controls and risks for ongoing vendor risk management activities.
- Work with cross-functional business and clinical resources to provide guidance and support and ensure controls are adequate, appropriate, and effective.
- Supports workforce security activities including culture, awareness, and training.
- Stay up to date and informed on developing regulatory concerns and changing IT and information security trends.
Desired Skills
- Requires a minimum of 3 years of experience in IT, IT Security, Risk, Compliance, and/or Governance or related fields.
- Significant experience with legal and regulatory compliance standards and security frameworks such as NIST Cyber Security Framework (CSF), NIST 800-53, ISO 2700x, PCI-DSS, HIPAA, HITRUST, 405(d) HICP, etc.
- Ability to translate regulatory requirements into practical business considerations and recommendations
- Ability to proactively identify opportunities for continuous improvement
- Solid understanding of information security, IT networks, and technology stacks
- Experience with process, risk, and controls management
- Experience with security products and knowledge of IT security technologies
- Prior IT and/or cybersecurity hands-on technical experience preferred
- Experience working in the healthcare industry
Education
- Associate’s degree in computer science or related area, or equivalent work experience
- Industry-recognized certification in security strongly preferred: Security+, Network+, SSCP, HCISSP, or similar
-
Seniority level
Mid-Senior level -
Employment type
Full-time -
Job function
Information Technology -
Industries
IT Services and IT Consulting
Referrals increase your chances of interviewing at First Health Advisory by 2x
See who you knowGet notified about new Security Analyst jobs in United States.
Sign in to create job alertSimilar jobs
People also viewed
-
IT Security Analyst
IT Security Analyst
-
Remote Data Security Analyst
Remote Data Security Analyst
-
Security Analyst-III (REMOTE)
Security Analyst-III (REMOTE)
-
Security Analyst
Security Analyst
-
Information Security Analyst I
Information Security Analyst I
-
Security Operations Center (SOC) Analyst - L1
Security Operations Center (SOC) Analyst - L1
-
Security Operations Center Analyst
Security Operations Center Analyst
-
Security Operations Analyst
Security Operations Analyst
-
Cybersecurity Analyst - NQV (Remote)
Cybersecurity Analyst - NQV (Remote)
-
Security Analyst
Security Analyst
Similar Searches
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore More