Senior Information Security Analyst
AccentCare, Inc.® is a national post-acute healthcare provider with 45 years of industry experience. We thrive on providing patient-centric care and a warm and personalized experience within our local communities.
Your Success is our Success. We strive to provide our new employees with a structured on-boarding process to help you become assimilated quickly, and cutting-edge tools to make your daily work easier and more efficient. We offer extensive training and a wide-array of opportunities for continued education and promotional opportunities.
Position: Senior Information Security Analyst
Reports to: Information Security Manager
The Senior Information Security Analyst assists in the protection of the confidentiality, integrity, and availability of AccentCare’s proprietary information by analyzing, enhancing and maintaining security controls in support of the Information Security Program. This role will be responsible for designing and implementing IT Security systems with a primary focus on developing and maintaining the organizations eGRC platform.
- Developing and maintaining the organizations eGRC platform
- Developing and performing security risk assessments
- Creating and implementing security policy/procedures
- Collaborate with business on security related topics (IT, Compliance, Legal, Risk Management)
- Development of security awareness training materials
- Comply with applicable legal requirements, standards, policies and procedures including, but not limited to the Compliance Program: Code of Conduct, HIPAA and Documentation Standards.
- Maintains a commitment to the values and mission of AccentCare.
- Additional responsibilities as assigned by one’s supervisor or other manager related to the position/department.
- 5+ years of information security experience
- 3+ years of eGRC technology development experience
- 2+ years of experience creating security policy, procedure, and assessment.
- 2+ years performing security risk assessments
- 7+ years of total related IT experience
- BS degree preferred
- CISSP, CISA, or equivalent information security certification preferred
- Prior experience developing and administering an eGRC platform (ServiceNOW, Archer, etc) for a medium/large size organization
- Experience creating and implementing security policy documentation
- Experience creating risk assessments based on security controls
- Experience performing risk assessments and creating corrective action plans
- Experience driving process improvements and workflow development for the identification, measurement, management, tracking, and reporting of information risks.
- Experience with development of Information Security awareness and education materials, presentations
- Working knowledge of healthcare industry regulations/certifications and common security framework (HIPAA, HITRUST, NIST)
- Strong understanding of information security technologies
- Knowledge of technical infrastructure, networks, databases and systems in relation to information security
- Strong project/process management skills
- Ability to work independently with minimal supervision
- Strong written and verbal communication skills
- Ability to work in a fast paced, multi-task environment with competing priorities
- Excellent interpersonal/listening skills
- Proficient in interacting with and creating a collaborative working environment amongst and stakeholders at all levels of the organization
- Possess a responsible, detail-oriented, results-driven work ethic