Our partner is looking for a Remote Senior Information Security Analyst’s to be the internal point of contact and administrator for HITRUST certification and maintenance. The Senior Information Security Analyst also generally works to ensure both the partner's platform and the broader team maintain compliance surrounding HIPAA, HITRUST, and general cybersecurity best practices. Working in conjunction with the CTO, the Senior Information Security Analyst develops, refines, and enforces policies and procedures across the organization.
This position reports to the Chief Technology Officer.
Core Responsibilities
- Assessing information risk
- Reporting on and facilitating remediation of identified vulnerabilities for IT security and IT risk across the organization
- Manages the continuous protection of systems and information assets by contributing to or leading teams in the execution and implementation of information security defense improvements involving architecture, processes, tools and automation
- Assists in establishing, reviewing and maintaining security related policies, plans, processes and procedures to contribute toward the protection of critical business functions from disruption due to system failure or unavailability and to ensure enterprise applications have appropriate protections in place
- Collaborates with IT staff and external security vendors to monitor the security posture of all networked systems and leads efforts to take appropriate steps to quickly deal with any identified vulnerabilities
- Provides network and security expertise and guidance for all aspects of information assurance
- Maintains a high level of technical expertise on server/network hardware and software and appropriate security tools
- Assists in the selection, evaluation, and implementation of information system security infrastructure and strategic and operational planning
- Supports efforts to meet HIPAA and HITRUST requirements utilizing established security framework, leading/contributing efforts toward assessment completion and action plan follow through
- Performs duties in compliance with and according to organizational policies and procedures, regulatory requirements and sound business practices.
Knowledge / Skills / Abilities
- Bachelor’s Degree from an accredited university or college in Computer/Information Science/Business required.
- Minimum of six (6) years of technical experience in an enterprise-wide system, network or security-related IT position. Equivalent combination of experience and education (min Bachelors) may be considered.
- Leadership, project management, use of methodology, time management and organizational skills to direct security efforts with the project team.
- Demonstrated ability to lead high visibility projects, to work effectively and carefully under pressure, to meet project deadlines, to learn independently, to communicate effectively with a variety of people and to write well is required.
- Demonstrated ability to work cooperatively and strategically in a team environment with all levels of professional, technical, and administrative staff
- Excellent interpersonal and communication skills
- Ability to deal with highly confidential information and act as a liaison between the Chief Technology Officer, the Data Science teams, and Engineering teams
- Skills to collaborate with and achieve actionable results through and with others
- Ability to build strong and sustainable relationships
We encourage people from historically underrepresented communities in technology to apply, including but not limited to women, people of color, people with disabilities, people of all age brackets, people with complex work and life histories, and those who identify as LGBTQ. We are a distributed team with hubs in the Denver area and Madison. Denver/Boulder is preferred, but candidates living anywhere are encouraged to apply and will not be required to relocate. US work authorization required.