Information Security Assurance/Compliance Analyst
At Benefitfocus, our technology is changing the way the world thinks about healthcare and benefits. We provide insurance carriers, employers, consumers and government entities cloud-based technology to shop, enroll, manage and exchange benefits information. To be at the forefront of software technology, our strategy is simple. We hire the best and brightest to tackle the toughest challenges in the industry and create software that is making a positive impact in the lives of millions. One of the positions we are currently recruiting for is an Information Security Analyst to join our Cybersecurity team.
- Responsible for customer security assessments and questionnaires.
- Manage third party assurance reviews of our vendors.
- Support RFP’s as it relates to security and privacy.
- Support the business by responding timely to questions pertaining to security practices, policies and controls.
- Participate in department projects as requested.
- Other duties as assigned.
- Experience in security role or independently managing customer security assessments and questionnaires.
- Knowledge of information security and technology best practices, regulations, and regulatory trends especially as it pertains to auditing and control testing of information security programs.
- Prior RFP experience and supporting customers security assessments and questionnaires.
- Prior experience managing or auditing third party vendor assurance
- Prior experience leading security governance activities.
- Prior experience leading continuous monitoring activities and supporting various risk assessments.
- Demonstrated organizational and project management skills.
- Excellent interpersonal and communications skills.
- Self-motivated and results oriented.
- Demonstrated track record dealing well with ambiguity, prioritizing needs, and delivering measurable results in an agile, fast-paced environment.
- Establish and maintain good relationships with key business and external audit partners. Leverage specialized knowledge and skills, providing management with insight into areas of Cyber risk
- Proficient at Microsoft Office, various GRC, control monitoring and cybersecurity tools.
- Jira experience a plus.
- You are a critical thinker who seeks to understand the business and its control environment.
- You believe insight and objectivity are core elements to providing assurance on the effectiveness and efficiency of Benefitfocus’ governance, risk management, and internal control processes.
- You possess a relentless focus on quality and timeliness.
- You adapt to change, embrace bold ideas, and are intellectually curious. You like to ask questions, test assumptions, and challenge conventional thinking.
- You develop influential relationships based upon shared risk objectives and trust to deliver outstanding business impact and elevate the Information Security Assurance value proposition.
- You’re a firm believer that a rich understanding of data, innovation, and technology will only make you a better in your role and desire to consistently further your technical expertise.
Benefitfocus is committed to providing a diverse and inclusive workplace in which equality, representation and respect create a culture of belonging. It is Benefitfocus’ policy to encourage diversity in hiring, recognizing that this enriches the work environment for all Benefitfocus Associates and that a broad variety of perspectives enhances decision-making and creativity. Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, gender, sexual orientation, gender identity, protected veteran status or disability. Benefitfocus is an Equal Opportunity Employer Minority/Female/Disability/Veteran.