Job Description
This Senior Information Security Analyst role will be responsible for assessing and implementing the information security governance, risk, and compliance program.
The individual will write and maintain audit and compliance initiatives to ensure policies, standards, procedures, and audit activities are in alignment with business, IT, and regulatory requirements including but not limited to HIPAA and PCI.
This role will provide support for maturing and optimizing information security governance, risk management, and compliance capabilities across the client's expanding global footprint by:
- Restructuring security policies, standards, and procedures to align with industry standards and best practices
- Ensuring security standards and procedures are completely in accordance with HITRUST, PCI, SOC, and NIST requirements
- Assessing new security compliance requirements and assisting in the evaluation of compliance control requirements
- Supporting day-to-day execution of security procedures in areas related to perimeter and endpoint security, cloud security posture management, vulnerability management, security observability, and security operations
- Supporting efforts to develop or continuously improve security controls, processes, and procedures across the company, as necessary
- Accurately assessing risks associated with each requirement, and tying them to information security controls
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day.
We are an equal opportunity / affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances.
If you need assistance and / or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to .
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy : .
Required Skills & Experience
- 5+ years of demonstrable experience with IT Security, including IAM, network, data, endpoint, and cloud
- 5+ years of demonstrable experience in security risk governance, auditing and compliance, with a focus on supporting security policies and procedures
- Experience with HITRUST r2 certification
- Experience in producing and maintaining documentation and reports, specifically assisting in developing policies, standards, risk assessment reports, and other forms of Security Risk Management Program documentation
- Full understanding of industry standards for compliance such as HITRUST, PCI DSS, SSAE 18 SOC 1 / SOC 2 and NIST SPs
- Experience with risk assessment methodologies and best practices
- Possess an information security or IT audit certification, such as CISSP, CISA, CISM, CRISC, or their equivalent
Nice to Have Skills & Experience
- Prior experience guiding an organization to HITRUST certification.
- Previous hands-on background as an engineer / admin within: network, security, infrastructure.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching.
Employees in this role are also entitled to paid sick leave and / or other paid time off as provided by applicable law.