Information Security Compliance Analyst

At Ovation Healthcare, we’ve been making local healthcare better for more than 40 years. Our mission is to strengthen independent community healthcare.

We provide independent hospitals and health systems with the support, guidance and tech-enabled shared services needed to remain strong and viable.

With a strong sense of purpose and commitment to operating excellence, we help rural healthcare providers fulfill their missions.

Do you have the right skills and experience for this role Read on to find out, and make your application.

The Ovation Healthcare difference is the extraordinary combination of operations experience and consulting guidance that fulfills our mission of creating a sustainable future for healthcare organizations.

Ovation Healthcare's vision is to be a dynamic, integrated professional services company delivering innovative and executable solutions through experience and thought leadership, while valuing trust, respect, and customer focused behavior.

We’re looking for talented, motivated professionals with a desire to help independent hospitals thrive. Working with Ovation Healthcare you will have the opportunity to collaborate with highly skilled subject matter specialists and operations executives, in a collegial atmosphere of professionalism and teamwork.

Ovation Healthcare's corporate headquarters is located in Brentwood, TN. For more information, visit ovationhc.com.

Summary

The Information Security Compliance Analyst plays a key role in ensuring that the organization adheres to regulatory and industry standards for information security.

You will work closely with internal teams and external auditors to evaluate compliance with applicable laws, standards, and best practices, as well as help develop policies and procedures that safeguard the organization's information assets.

The ideal candidate is analytical, detail-oriented, and knowledgeable about compliance frameworks and information security principles.

Duties and Responsibilities :

• Ensure the organization meets regulatory and compliance requirements such as : HIPAA, SOC 2, PCI-DSS, etc.
• Develop strategies and plans for Business Continuity and Disaster Recovery (BC / DR) to maintain operations during and after disruptive incidents.
• Develop and maintain security policies, procedures, and standards. Ensure alignment with organizational goals.
• Review and manage the Vendor Risk Management program.
• Work with External Auditors to ensure compliance of the organization.
• Collaborate with cross-functional teams to provide guidance on information security compliance requirements.
• Monitor changes in regulatory requirements and industry standards to ensure ongoing compliance.
• Assist with incident response processes, including investigation, documentation, and reporting.
• Educate and train employees on security compliance practices and awareness.
• Implement Information Security Training and Awareness for Employees.
• Maintain documentation of security compliance efforts and provide regular reports to management.
• Stay up to date on the latest security vulnerabilities, trends, and technologies to proactively address emerging threats.
• Monitor the security queues and respond as needed.
• Report metrics to the Cybersecurity Manager on a regular basis.
• Be a team player and contribute to the team where assistance is needed and take direction from the Cybersecurity Manager and the CISO.

KNOWLEDGE, SKILLS, AND ABILITIES :

• Experience working with external auditors or regulatory bodies.
• Deep understanding of HIPAA, SOC 2, PCI-DSS, NIST, and other compliance standards.
• Strong project management and organizational skills.
• Ability to work independently and collaboratively in a fast-paced environment.
• Strong attention to detail and a proactive approach to security.
• Strong interpersonal skills with the ability to work collaboratively across different teams and departments.

J-18808-Ljbffr