Information Security: Compliance Analyst I
About The Position
As a critical part of the InfoSec team, the Compliance Analyst I will collaborate with business leads, application developers, and system and network engineers to apply security best practices and solutions. This role is essential to protecting proprietary information, sensitive healthcare data, and the overall network environment. Moreover, the Compliance Analyst I support Acumenâs risk management efforts by helping to ensure internal systems and processes align with internal policies and compliance requirements. This includes cross-team collaboration to remediate vulnerabilities swiftly. The Compliance Analyst I reports to the Lead Information Security Administrator and in the role will report to the Lead Information Security Administrator and works closely with internal teams to respond to vulnerabilities, strengthen our security posture, and maintain compliance standards.
Requirements
- You have a Bachelorâs degree in Computer Science, security, compliance, or related field
- You have up to 2 years of experience working in the information security domain serving in a role in supporting and managing security compliance
- You are enthusiastic about learning the data security principles needed to implement security controls and oversee data security practices
- You have excellent organizational, analytical, and problem-solving skills
- You are energized by problem-solving. Youâre able to maintain a level head when a curveball is thrown your way and you enjoy the challenge of connecting the dots and identifying whatâs needed to resolve it.
- You have reliable interpersonal, oral and written communication skills
- Youâre able to effectively collaborate with IT system architects, technical project teams, and high-level business managers
- You are a self-starter and are able to take initiative to stay abreast of security developments and threats
- Youâre able to demonstrate adaptability, prioritize tasks, and meet deadlines in a fast-paced environment
Nice To Haves
- CISA or CISM certificate (in progress or completed)
Responsibilities
- Conduct assessments and gap analyses of compliance activities to support effectiveness indicators provided by government agencies
- Conduct internal audits of the system environment and relevant policies and procedures
- Collect information and evidence for external audits and client inquiries
- Integrate auditing protocols into development cycles and assisting with system architecture and design
- Implement and maintain applicable security and privacy regulatory and legal requirements into companyâs Information Security Program.
- Research and maintain understanding of policies, regulations & laws at the state and federal levels
- Build understanding of security frameworks and standards for NIST, FedRAMP, FISMA, HIPAA, SOC2 and other relevant information security and privacy regulations.
- Contribute to the development and management of comprehensive documentation demonstrating continuous regulatory compliance effectiveness
- Contribute to briefings for senior management of implications of changes to the companyâs security & privacy policies, procedures, processes.
- Contribute to internal policy recommendations for maintaining compliance,
- Develop reports and actionable information pertaining to risk and incident discovery and remediation technologies, techniques, and processes
- Support the creation and delivery of annual Incident Response Tabletop Exercise and Contingency Plan Testing
Benefits
- health, dental, and vision insurance
- retirement savings options
- paid time off
- other employee programs
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Entry Level
Number of Employees
251-500 employees
