Information Security Analyst - Security Audit

Overview

The Information Security Analyst will support the Sr. Manager of Security Audit in developing, implementing, and monitoring a comprehensive information security audit program. This program includes HITRUST, SOC 2, and other relevant security assessments. The ideal candidate will have 3-5 years of IT audit experience, with specific experience in HITRUST and SOC 2, preferably within the health industry.

Responsibilities

• Assist in leading security audit efforts across the enterprise to ensure the successful delivery of HITRUST certifications and the implementation of HITRUST and SOC 2 requirements across our platforms.
• Help formulate the tactical and strategic direction of the information security audit program, addressing emerging requirements, automation, gap remediation, and continuous monitoring.
• Contribute to the development of a continuous monitoring program that informs the success of future audits and identifies control gaps.
• Work under the guidance of leadership to mentor junior information security personnel and support their professional growth while maturing the information security audit program.
• Effectively communicate across all levels of the organization and produce deliverables for the Leadership Team.
• Promote and support cyber security as an enabler of core business processes, educating teams on security findings, vulnerabilities, remediation measures, and security programs.
• Prescribe security improvements to resolve or mitigate security findings or enhance the security posture to achieve compliance with all security initiatives.
• Lead innovation efforts to increase efficiencies and automate manual security audit processes.
• Build a network of positive relationships throughout the organization to leverage in accomplishing the broad requirements of this position.
• Provide HITRUST and SOC2 control advisory services on the company’s various projects.
• Offer strategic guidance and expertise on executing audits by applying knowledge of best practices to ensure proper strategic alignment.

Qualifications

• Bachelor’s degree in a technology discipline or equivalent professional experience required.
• 3-5 years of Information Security, IT Risk Management, IT Audit, or similar experience.
• Works independently and requires minimal supervision.
• Efficacious technical skills with hands-on experience in assessing technical security controls.
• Strong organizational skills and ability to communicate effectively with business stakeholders.
• Working knowledge of GRC tool such as Auditboard, RSA Archer, or similar preferred.
• HITRUST CCSFP, CISA, CISM or similar security certification preferred

Base compensation ranges from $80,000 to $112,000. Specific offers are determined by various factors, such as experience, education, skills, certifications, and other business needs.

Cotiviti offers team members a competitive benefits package to address a wide range of personal and family needs, including medical, dental, vision, disability, and life insurance coverage, 401(k) savings plans, paid family leave, 9 paid holidays per year, and 17-27 days of Paid Time Off (PTO) per year, depending on specific level and length of service with Cotiviti. For information about our benefits package, please refer to our Careers page.

Date of posting: 08/20/2024

Applications are assessed on a rolling basis. We anticipate that the application window will close on 10/20/2024, but the application window may change depending on the volume of applications received or close immediately if a qualified candidate is selected.

#LI-REMOTE

#LI-AK1

#junior