One stop solution to your remote job hunt!

By signing up you get access to highly customizable remote jobs newsletter, An app which helps you in your job hunt by providing you all the necessary tools.

OR
Subscribe to our highly customizable newsletter to get remote jobs from top remote job boards delivered to your inbox.
Bright HealthCare over 1 year ago
location: remoteus
Apply Now

Title: Information Security Analyst III

Location: Remote

Our mission is to make healthcare right. Together. We are a value-driven healthcare company committed to providing personalized care to aging and underserved populations. We do this by aligning stakeholders across the healthcare ecosystem. Together, we can improve consumer experience, optimize clinical outcomes, and reduce total cost of care.

What drives our mission? The company values we live and breathe every day. We keep it simple: Be Brave. Be Brilliant. Be Accountable. Be Inclusive. Be Collaborative.

If you share our passion for changing healthcare so all people can live healthy, brighter lives apply to join our team.

SCOPE OF ROLE

Working as part of the Information Security team within the Technology office at Bright Health, the Information Security Analyst III will report directly to the AVP of Information Security and will be responsible for leading day-to-day IT compliance, data governance, audit activities (internal and external), and supporting security operations. The role will include primary responsibility for identifying, analyzing, and influencing the management of information risks across the organization in support of legal and regulatory compliance needs as well as general IT and organizational information security practices.

ROLE RESPONSIBILITIES

  • Collaborate to define IT security standards and develop supporting organizational policies.
  • Perform security and compliance assessments on new and existing systems, processes, and technology.
  • Support vendor due diligence process and help to lead and define overall third-party risk management efforts.
  • Work with various business units to identify and facilitate the implementation of appropriate controls to effectively manage information risks.
  • Lead internal and external audit processes for relevant compliance concerns including SOC2, and HIPAA requirements.
  • Maintain IT/InfoSec risk register and communicate risk findings to risk owners and business leaders.
  • Perform periodic gap assessments to validate compliance on an ongoing basis.
  • Stay up to date and informed on developing regulatory concerns and changing IT and information security trends.

EDUCATION, TRAINING, AND PROFESSIONAL EXPERIENCE

  • Seven (7) years of relevant work experience required.
  • Bachelor’s degree in Information Security or related field; or equivalent work experience required.

PROFESSIONAL COMPETENCIES

  • Knowledge and experience in information security and privacy laws, access, release of information, and release control technologies.
  • Knowledge and experience in general electronic health information access, release of information, and release control technologies.
  • Ability to analyze the nature and classification of health data and the status of the person or entity requesting the electronic health data. Determine which provisions in HIPAA or security policy apply to the data, determine if other state or federal laws, rules, or regulations conflict with the applicable provision of HIPAA or policy; Determine if there are court decisions that address the issue; and recommend procedures or processes that reduce or eliminate the conflicts in law and assure compliance with applicable statutes and/or regulations.
  • Demonstrated organizational, facilitation, presentation, and project management skills with excellent written and verbal communication skills.
  • Ability to develop and/or modify policies and procedures within the confines of current law and management objectives.

LICENSURES AND CERTIFICATIONS

  • ISACA, GIAC, OCEG, or (ISC)2 Certification preferred.

WORK ENVIRONMENT

  • The majority of work responsibilities are performed remotely from home, or in an open office setting, carrying out detailed work sitting at a desk/table and working on the computer.
  • Some travel may be required.

As an Equal Opportunity Employer, we welcome and employ a erse employee group committed to meeting the needs of Bright Health, our consumers, and the communities we serve. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.