Jul 4, 2022
The Security Analyst - Risk Management will be responsible for the Security Risk Management program, ensuring risks are tracked and managed in accordance with policy requirements. In this role you will be responsible for presenting to leadership on a regular basis, providing guidance and recommendations to risk owners for treatment activities, and will drive security strategy prioritization.
What will you do?
Management and maturation of the Security Risk Management program.
Coordination, tracking, and reporting of all security risks at Signify Health.
Lead the Security Risk Management working group and monthly leadership meetings.
Collaboration with cross-functional teams to support risk treatment planning activities.
Support audit, assessment, and compliance programs with evidence requests and interviews (as needed).
Mentor and train junior team members in risk management program. Maintain program activities in GRC tools and enterprise platforms.
Perform other duties as assigned.
We are looking for someone with:
Bachelor's degree in information security, information assurance, computer science or related field.
CRISC or related certification (CISSP, CISA, etc.).
5 or more years of experience in cybersecurity as a practitioner with exposure with various security frameworks
Experience and understanding of various regulatory requirements and laws, such as HIPAA, GDPR and CCPA
2-3 years experience leading risk management programs
Experience with cloud service models (Azure, AWS, Google)
Preferred Qualifications include:
Master’s degree in information security, information assurance, computer science or related field
Experience working in the Healthcare industry