Security Analyst role supports Technology, and Governance Risk & Compliance (GRC). This includes internal security support for client inquiries, audits, assessments, risk management, compliance management, and overall security and compliance awareness.
Responsible for providing feedback to teams on relative risks ensuring risk remediation plans are developed & executed. Responsible for responding to client inquiries in relation to Signify Health's security controls, assisting with the review of Signify Health's security posture, and assisting with onsite visits and audits. Supports Senior Security Analyst to help provide leadership and guidance to other members of the team for all security related items.
* Work closely with the Senior Security Analyst to determine business process and productivity needs and an appropriate technology strategy to support business goals
* Provide client facing support by utilizing specific information as requested by clients
* Support Senior Security Analyst to coordinate and perform security risk assessments on internal systems and specific third parties
* Gather, interpret and summarize results of data gathering efforts and determine the associated security risk
* Help to advocate the cyber security program and evoke cooperation across business units
* Interpret and summarize results of the risk assessment and create report with action plans to remediate risk or document compensating controls to mitigate risk
* Help to provide guidance in information risk and security standards and best practices
* Assists in managing user access control and system access audits
* Assist Senior Security Analyst with various reports to provide to Management (logical access, onboarding, physical access, file, etc.)
* Ensures authorized access by investigating improper access; revoking access; reporting violations; monitoring information requests by new programming; recommending improvements.
* Assist Senior Security Analyst to plan and implement security measures to protect computer systems, networks, and data
* Stay up-to-date on the latest security intelligence in order to anticipate breaches
* Assist in creating, testing, and implementing disaster recovery plans
* Recommending security enhancements and purchases
Qualifications: Education/Licensing Requirements:
* High School Diploma or equivalent.
* Bachelor's degree in computer related field or equivalent experience.
* Experience with handling multiple projects in a fast-paced agile environment.
* Experience in IT audit, compliance, and risk assessments.
* Experience in participating or leading audits or projects.
* Experience with creating and summarizing various reports in a Technology environment.
* Experience with audit reporting tools such as AD Audit, SolarWinds, Cisco, etc.
* Fluently speak, read, and write English
* Excellent verbal and written communication skills
* Proven ability to prioritize and multi-task
* Demonstrated experience with one or more security standards or regulatory requirements (e.g., ISO/IEC 27001/2, COBIT, NIST, HIPAA, EU Data Protection Directive, PCI, etc.)
* Superior analytical, investigative, evaluative, and problem-solving abilities
* Proven ability to understand and interpret Legal, Regulatory and contractual compliance requirements
* Strong project management, communication, interpersonal & organizational skills
* Proficiency in all areas of Technology
* Proficiency in all areas of information security
* Self-directed and organized.
* Discrete/ability to maintain confidentiality.
* Team player.
* Detects errors early
* Sense of urgency.
* Customer service orientation.
* Ability to well work under pressure.
* Ability to work well independently.
* Ability to take direction.
* Fast-paced environment.
* Requires working at a desk and use of a telephone and computer.
* Use office equipment and machinery effectively.
* Ability to ambulate to various parts of the building.
* Ability to bend, stoop.
* Work effectively with frequent interruptions.
* May require occasional overtime to meet project deadlines.
* Lifting requirements of <20 lbs. occasionally.
SIGNIFY HEALTH IS AN EQUAL OPPORTUNITY EMPLOYER. Applicants and employees are considered for positions and are evaluated without regard to mental or physical disability, race, color, religion, gender, national origin, age, genetic information, military or veteran status, sexual orientation, marital status, gender identity or any other protected Federal, State/Province or Local status unrelated to the performance of the work involved.