Information Security Analyst III (Vendor Risk Management)
Company: Change Healthcare Solutions
Location: Alpharetta
Posted on: June 23, 2022
|
|
Job Description:
TitleInformation Security Analyst III (Vendor Risk
Management)Overview of PositionThe Security Analyst will assist in
the execution of the Vendor Risk Assessment Program that includes
vendor registration, risk assessments, monitoring and issue
management, and reporting. Our team is a part of the Information
Security organization and partners with our vendors, using an
established process, to ensure compliance with the overall program
and reduction of information security risks associated with
vendors.What will be my duties and responsibilities in this
job?Lead and execute third-party risk assessments of Change
Healthcare's vendors which includes: Confirming vendor's compliance
to security controls using established proceduresAssessing vendor's
controls, processes, and/or systems to identify the threats and
vulnerabilities that lead to riskDeveloping plans to mitigate
against risks, and managing the remediation plan to
completionEngage with vendors and internal stakeholders on an
ongoing basis to:Manage audit requests as they pertain to the
programCoordinate the gathering of information needed for periodic
validations and auditsCommunicate identified assessment
resultsDrive registration of vendors into Information Security's
GRC platformDevelop and deliver monthly metrics and risk reporting
dashboards to leadershipWhat are the requirements needed for this
position?Bachelor's degree in MIS, IT, Related Field, or equivalent
experience2-5 years of experience in a vendor risk management or
security assessment capacityExperience assessing third-party
security risk and performing security assessmentsKnowledge of
information security concepts and theory, and the application of
such through technical and non-technical methodsSolid understanding
of a wide variety of IT risk domains related to confidentiality,
integrity, and availabilityAble to establish strong working
relationships with IT leadership and technical teams, business
customers, vendors and peersAble to interface, influence and
communicate (written and verbally) with all levels of management,
industry organizations, and customersStrong time management
skills/flexible work style to prioritize work effortsWhat other
skills/experience would be helpful to have? Knowledge of common
InfoSec regulation & frameworks (PCI, HIPAA, ISO 27001, HITRUST,
FISMA) is a plusExperience executing audit plans or performing
assessments using defined control frameworks is a plusExperience
with OneTrust GRC suite is a plusOne or more of the following
certifications is a plus: CISSP, CISM, CEH, Security+, MCSE, CWTS,
CISA, CNDA, CCNP, CCIE, CCNA, CISO, AWS.How much should I expect to
travel?Employees in roles that require travel will need to be able
to qualify for a company credit card or be able to use their own
personal credit card for travel expenses and submit for
reimbursement.Join our team today where we are creating a better
coordinated, increasingly collaborative, and more efficient
healthcare system! COVID Vaccination RequirementsWe remain
committed to doing our part to ensure the health, safety, and
well-being of our team members and our communities. As such, we
require all employees to disclose COVID-19 vaccination status prior
to beginning employment and we may require periodic testing for
certain roles. In addition, some roles require full COVID-19
vaccination as an essential job function. Change Healthcare adheres
to COVID-19 vaccination regulations as well as all client COVID-19
vaccination requirements and will obtain the necessary information
from candidates prior to employment to ensure compliance. Equal
Opportunity/Affirmative Action Statement Change Healthcare is an
equal opportunity employer. All qualified applicants will receive
consideration for employment without regard to race, color,
religion, age, sex, sexual orientation, gender identity, genetic
information, national origin, disability, or veteran status. To
read more about employment discrimination protections under federal
law, read EEO is the Law at
https://www.eeoc.gov/employers/eeo-law-poster and the supplemental
information at
https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf.If
you need a reasonable accommodation to assist with your application
for employment, please contact us by sending an email to
applyaccommodations@changehealthcare.com with "Applicant requesting
reasonable accommodation" as the subject. Resumes or CVs submitted
to this email box will not be accepted.Click here
https://www.dol.gov/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf
to view our pay transparency nondiscrimination policy.California
(US) Residents: By submitting an application to Change Healthcare
for consideration of any employment opportunity, you acknowledge
that you have read and understood Change Healthcare's Privacy
Notice to California Job Applicants Regarding the Collection of
Personal Information.Change Healthcare maintains a drug free
workplace and conducts pre-employment drug-testing, where
applicable, in accordance with federal, state and local laws.
Keywords: Change Healthcare Solutions, Alpharetta , Information Security Analyst III (Vendor Risk Management), Executive , Alpharetta, Georgia
Click
here to apply!
|