Mid Level Security Analyst - MN

Information Security Analyst (Healthcare) Remote Summary: The Risk & Controls Analyst Senior is responsible for executing and developing processes to ensure IT's compliance with regulatory, industry and client security requirements. This role is responsible for working with cross-functional teams and management to design and execute the operational processes needed to support the Security Governance Risk and Compliance program. Job Responsibilities: Identify security issues and risks, and develop mitigation plans Architect, design, implement, support, and evaluate security-focused tools and services including project leadership roles Develop and interpret security policies and procedures Participate in security compliance efforts Develop and deliver training materials and perform general security awareness and specific security technology training Evaluate and recommend new and emerging security products and technologies Qualifications: Bachelor's degree in a technical field such as computer science, computer engineering or related field required 10 years experience required Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security Consistent implementation of security solutions Experience in infrastructure or application-level vulnerability testing and auditing A typical Information Security Analyst is responsible for: Conduct and lead vendor and system risk assessments, coordinate and finalize responses to client RFP and assessment requests, review information security language for client and vendor contracts and modify when required Review evidence and verify that controls are designed and operating effectively and comply with security requirements to HITRUST, SOC 2, HIPAA, and client contracts Assist in the development and implementation of reporting processes and metrics that monitor risk and controls status Work with IT and auditors to develop and validate audit scope, action plans and remediation Other duties as assigned DICE cclausenc4techservices.com