Information Security Analyst
Norwalk, CA

Job Description

Transforming the future of healthcare isn't something we take lightly. It takes teams of the best and the brightest, working together to make an impact.

As one of the largest healthcare technology companies in the U.S., we are a catalyst to accelerate the journey toward improved lives and healthier communities.Here at Change Healthcare, we're using our influence to drive positive changes across the industry, and we want motivated and passionate people like you to help us continue to bring new and innovative ideas to life.

If you're ready to embrace your passion and do what you love with a company that's committed to supporting your future, then you belong at Change Healthcare.

Pursue purpose. Champion innovation. Earn trust. Be agile. Include all.

Empower Your Future. Make a Difference.

Position Description

Change Healthcare is looking for an Information Security Analyst to support and evolve their customer security assurance program. The program supports pre and post-sale information security related requests, such as: audits, risk assessments, questionnaires, attestations, and requests for numerous artifacts. This role will help to triage inquiries, develop responses, and fulfill the requests. The resource will partner with their stakeholders, including IT and information security control owners, to ensure compliance with critical controls. The resource will also administer, support and drive the evolution of tools and processes supporting the customer security assurance program.

KEY RESPONSIBILITIES

70 % Facilitate responses to requests

25 % Execute maintenance and evolution of tools, artifacts process, and procedures

5% Administration

RESPONSIBILITIES

* Facilitate and execute responses to information security related customer requests: Customer Questionnaires, Audits, Remediation Plans, Test results, Contracts, Certifications, Attestations etc...
* Support redlining and negotiating customer security contracts
* Support metrics
* Administer, maintain and support the customer assurance program, tools, processes, metrics, repositories, documentation, and artifacts
* Maintain a high-level understanding of all information security policy and functions at Change Healthcare to enable conversational discussions on our overall control posture
* Maintain an understanding of organizational structure, product portfolio and control ownership to enable response assignments and deliverables
* Assist in the development of standard control response language and deliverables to ensure consistent and timely response to control inquiries
* Partner with internal IT teams to develop remediation plans to address findings
* Ensure remediation plans are tracked and executed as agreed
* Identify and execute process improvements
* Partner with IT and security control owners and account managers to maintain positive customer satisfaction
* Represent Change Healthcare's Information Security Program to customers as needed
* Deliver challenging messages in a diplomatic fashion to internal and external stakeholders
* Ask informed questions to determine key details regarding control ownership and control posture
* Explain security controls to individuals who are not security experts
* Solicit and acquire responses from control owners that may not have responses readily available
* Organize on-site audits based on control areas and control owners to ensure efficient use of control owner and auditor time
* Categorize control deficiencies by domain to develop risk reports and drive remediation of repeat control deficiencies
* Identify alternative methods for achieving compliance to required controls
* Establish strong working relationships with IT teams, internal business customers, external customers, and peers
* Project Manage open issues until resolution

Minimum Requirements

* 3-5 years of experience in a risk management, security assessment, or internal audit capacity
* If remote worker, must have a designated work space that will limit distractions/interruptions and be focused on performance without onsite supervision
* Strong problem solving and project management skills required

Critical Skills

* Excellent communication and Interpersonal skills - Able to interface, influence, and communicate (written and verbally) with all levels of management, industry organizations, and customers
* Solid understanding of a wide variety of IT concepts, risk domains, regulations ( ideally HIPAA, then PCI, FISMA) and information security control frameworks(ideally HITRUST, then ISO270001, NIST, COBIT)
* Strong Task Management and Time Management Skills- Must be organized, analytical, flexible and detail oriented
* Technically proficient, minimally with MS Office products, but should also have experience assessing and applying technology to solve business problems
* Experience developing and executing audits/risk assessments (vendor or customer focused audits/assessments is a plus)
* Candidates in the Nashville, Tn. location must be within driving distance of the Change Healthcare Office.

Education

Prefer 4- Year college degree and/or equivalent experience in Healthcare and/or Sales Operations.4-year degree in computer science or related field or equivalent experience

Certifications/Licensure

IT Security, compliance or auditing certification preferred (e.g. such as CISSP, CISM or equivalent)

Physical Requirements

* Physical Requirements - Sitting, standing, walking, and using key board
* If remote worker, a home office / work space will be required with internet access, phone, copy/fax

Benefits & Company Statement

Change Healthcare is one of the largest, independent healthcare technology companies in the United States. We are a key catalyst of a value-based healthcare system working alongside our customers and partners to accelerate the journey towards improved lives and healthier communities.

We provide software and analytics, network solutions and technology-enabled services that help our customers obtain actionable insights, exchange mission-critical information, control costs, optimize revenue opportunities, increase cash flow and effectively navigate the shift to value-based healthcare. Our solutions enable improved efficiencies and insights for all major stakeholders across the healthcare system, including commercial and governmental payers, employers, hospitals, physicians and other providers, laboratories and consumers.

Change Healthcare is an equal opportunity and affirmative action employer minorities/females/veterans/persons with disabilities.

Qualified applicants will not be disqualified from consideration for employment based upon criminal history.

Agency Statement

No agencies please.

Join our team today where we are creating a better coordinated, increasingly collaborative, and more efficient healthcare system!

Equal Opportunity/Affirmative Action Commitment

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.