1 Security Compliance Analyst - Remote Job in Durham, NC

Validic
Durham, NC | Full Time
7 Months Ago

Sorry! This job is no longer available.

Validic is Hiring a Remote Security Compliance Analyst - Remote

Validic, Inc. is a digital health and remote care company devoted to our mission of improving the quality of human life by making personal data actionable. We’re seeking a Security Compliance Analyst, who will support the safeguarding and protection of the Company’s data and information systems. The individual in this role develops and implements plans to operationalize data privacy requirements across the Company and ensures continuous compliance with ISO27001, HITRUST, GDPR, and other relevant certifications and frameworks.

What You’ll Do at Validic

Security Management

  • Collaborate with applicable stakeholders, including DevOps, MIS/IT, Contract Management, Legal, and leadership, to develop a data privacy and security system within the Company, including establishing and driving policies, procedures, and best practices, and developing and implementing plans to operationalize data privacy requirements across the Company
  • Serve as the subject matter expert regarding privacy and security requirements, with an emphasis on ISO 27001, HITRUST, SOC-2, and PCI
  • Maintain current knowledge of applicable national, regional, and international privacy and security laws, regulations, and accreditation standards, and monitor advancements in information privacy technologies ensuring Company adaptation and compliance
  • Identify and evaluate business and technology/security risks, internal controls that mitigate risks, and related opportunities for internal control improvement
  • Respond immediately to security-related incidents, in conjunction with the Emergency Response Team, and complete a thorough post-event analysis

Sales and Customer Support

  • Collaborate with the Sales and Contract Management teams as the cybersecurity stakeholder in pre-award and/or post-award sales activities
  • Serve as the primary owner for the Company on client inquiries, including business risk analysis requests, vendor compliance surveys, and customer privacy and security audits
  • Facilitate vulnerability mitigation discussions with internal and external business partners

Certifications and Internal Assessments/Audits

  • Participate in and lead compliance audit activities (ISO 27001, HITRUST, SOC-2, PCI) by developing and overseeing project management plans, facilitating the collection of required materials, and interfacing with auditors
  • Create internal audit practices and associated reporting to ensure the Company is complying with applicable laws and established policies and procedures
  • Collaborate with impacted parties to develop and implement remediation action plans addressing audit findings

Policies and SOPs

  • Advise on security best practices and guide the Company in developing, adopting, and enforcing security and access policies appropriate to the security needs of the business
  • Write, implement, and continuously improve information security policies and procedures supporting compliance initiatives

Collaboration and Training

  • Engage with technical process owners to understand technical process steps, identify risks, and drive completed documentation aligning with the Company’s governance and risk programs
  • Promote awareness of established compliance and privacy and data security practices and materials by developing and delivering standard training to staff and other stakeholders and specialized training to high-risk groups, such as MIS/IT, HR, and Finance

What You'll Bring to Validic

  • Bachelor’s degree from an accredited college or university in information security or technical discipline preferred but not required with applicable experience/knowledge base
  • Minimum 2 years combined experience in governance, risk, compliance, business process analysis, and/or project methodology in a technology-related industry
  • CISSP or CRISC certification or desire to obtain certification within two years and/or information security related training preferred
  • Experience performing information security audits and/or risk assessments
  • Experience with automated GRC tools, such as RSA Archer, MetricStream, and Allgress, preferred
  • Excellent understanding of business and technical risks, with the ability to disseminate information effectively to external and internal stakeholders
  • Demonstrated knowledge and strong understanding of various compliance and regulatory areas (e.g., GDPR, HITRUST, ISO 27001)
  • Desire to learn and enhance security related metrics and reporting, specifically operational and risk data points
  • Passion for security and compliance and ability to develop security policies, standards, guidelines, and procedures based on best practices and industry standards
  • Familiarity with security auditing processes
  • Deadline-driven with strong project management and prioritization skills
  • Self-motivated, with a “can do” attitude and desire to overachieve
  • Demonstrated ability to execute and deliver multiple complex and high-quality projects concurrently, while monitoring internal/external sources to make appropriate assessments and decisions
  • Excellent verbal and written communication skills
  • Ability to embrace working and communicating with all levels of an organization

Why You’ll Love Validic

  • Our team is great. We’re talented and passionate folks devoted to our mission and our people.
  • Our work is important. We build technology that makes healthcare easier to help people live their best lives.
  • Together, we’re solving healthcare’s toughest challenges by enabling personal health data to transform how we diagnose and treat disease, care for people in any setting, and provide personalized care.

What Validic Values

  • Authenticity - Set aside egos and bring your own flavor
  • Freedom - Lead with trust and get Super Healthy Information Technology done
  • Empathy - Challenge directly and care personally
  • Purpose - Innovate passionately and make an impact

The Fine Print

Location: Remote U.S. Based - Our core hours are 10:00 a.m.-4:00 p.m. Eastern Time.
Reports to: Chief Information Security Officer
Status: Full-Time/Exempt

Physical Requirements: Prolonged periods of sitting at a desk and working on a computer in a variety of environments with multiple distractions. Must be able to travel up to 10%.

Must be eligible to work in the U.S. Please note visa sponsorship is not available.

No recruiters, please.

Validic is an Equal Opportunity and Affirmative Action Employer. All qualified applicants receive consideration for employment without regard to age, race, color, genetic information, religion, national origin, sex, sexual orientation, pregnancy, gender, gender identity, gender expression, marital status, disability status, military status, veteran status or any other basis protected by federal, state or local laws.

Please add notifications@app.bamboohr.com to your contact list to ensure delivery of all correspondence from us.

Job Summary

Job Type: Full Time
Industry: IT Outsourcing & Consulting
Post Date: 08/14/2022
Expiration Date: 10/02/2022
Website: validic.com
Headquarters: Durham, NC
Size: 50 - 100
Founded: 2010
Type: Private
CEO: Drew Schiller
Revenue: $10M - $50M

About Validic

Validic is a digital health platform that provides access to patient-generated data from mobile health devices, wearables and applications.
