What are the responsibilities and job description for the Information Security Risk Analyst (Remote) position at 10046 Sound Inpatient Phys Inc (SIP)?
POSITION SUMMARY
Sound Physicians is seeking an Information Security Risk Analyst to support our information systems lifecycle activities. This role involves performing assessments of systems and networks within the Sound infrastructure, cloud services, and third-party partners to identify deviations from acceptable configurations, policy, or industry standards. The role ensures compliance with regulations, policy, and contract requirements, and establishes program control processes to mitigate risks and support certification and accreditation of systems.
Responsibilities include process support, analysis, coordination, security certification tests, documentation, investigations, software research, hardware introduction and release, and periodic audits. The Information Security Risk Analyst will focus on developing and strengthening current security practices and providing risk/gap remediation statistics to management to drive business decisions and realignment.
The Details: This is a remote opportunity. Monday-Friday.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
• Project manage third-party risk assessments (client and self-assessments).
• Handle client security questionnaires to ensure compliance with client security requirements and address any security concerns.
• Project manage HITRUST / SOC 2 initiatives and ongoing organization security certifications.
• Maintain information security policies.
• Provide risk and gap statistics to management.
• Collaborate with technical and business teams to maintain and enhance organization security.
• Support the incident manager during high and critical incidents.
• Provide technical security advice.
• Provide policy recommendations.
• Experience with Microsoft Windows platforms.
• Experience in system analysis.
• Experience in system auditing.
• Knowledge of healthcare industry frameworks and regulations, e.g. HIPAA and HITRUST.
• Knowledge of international information security frameworks and standards, e.g. NIST, ISO.
EDUCATION:
Minimum: Associate’s degree in a relevant field is required.
Preferred: Bachelor’s degree in a relevant field and/or CRISC is preferred.
EXPERIENCE:
Minimum: Three years’ experience in a relevant field.
Preferred: Five to eight years’ experience in a relevant field.
Pay Range: This position offers an annual salary range of $85,000 - $110,000. The starting salary will fall between $85,000-$95,000, taking into account the candidate’s experience, education and location.
Salary: $85,000 - $110,000