Senior Information Security Analyst

W2 only, no C2C, must be authorized to work in the US (both now and in the future).

• Job #2428
• Location: San Francisco, California
• Type: Direct Hire

Our partner is looking for a Remote Senior Information Security Analyst’s to be the internal point of contact and administrator for HITRUST certification and maintenance. The Senior Information Security Analyst also generally works to ensure both the partner's platform and the broader team maintain compliance surrounding HIPAA, HITRUST, and general cybersecurity best practices. Working in conjunction with the CTO, the Senior Information Security Analyst develops, refines, and enforces policies and procedures across the organization.
This position reports to the Chief Technology Officer.
Core Responsibilities

• Assessing information risk
• Reporting on and facilitating remediation of identified vulnerabilities for IT security and IT risk across the organization
• Provides network and security expertise and guidance for all aspects of information assurance
• Assists in establishing, reviewing and maintaining security related policies, plans, processes and procedures to contribute toward the protection of critical business functions from disruption due to system failure or unavailability and to ensure enterprise applications have appropriate protections in place
• Supports efforts to meet HIPAA and HITRUST requirements utilizing established security framework, leading/contributing efforts toward assessment completion and action plan follow through
• Collaborates with IT staff and external security vendors to monitor the security posture of all networked systems and leads efforts to take appropriate steps to quickly deal with any identified vulnerabilities
• Maintains a high level of technical expertise on server/network hardware and software and appropriate security tools
• Performs duties in compliance with and according to organizational policies and procedures, regulatory requirements and sound business practices.
• Assists in the selection, evaluation, and implementation of information system security infrastructure and strategic and operational planning
• Manages the continuous protection of systems and information assets by contributing to or leading teams in the execution and implementation of information security defense improvements involving architecture, processes, tools and automation

Knowledge / Skills / Abilities

• Leadership, project management, use of methodology, time management and organizational skills to direct security efforts with the project team.
• Excellent interpersonal and communication skills
• Ability to build strong and sustainable relationships
• Demonstrated ability to work cooperatively and strategically in a team environment with all levels of professional, technical, and administrative staff
• Skills to collaborate with and achieve actionable results through and with others
• Bachelor’s Degree from an accredited university or college in Computer/Information Science/Business required.
• Minimum of six (6) years of technical experience in an enterprise-wide system, network or security-related IT position. Equivalent combination of experience and education (min Bachelors) may be considered.
• Ability to deal with highly confidential information and act as a liaison between the Chief Technology Officer, the Data Science teams, and Engineering teams
• Demonstrated ability to lead high visibility projects, to work effectively and carefully under pressure, to meet project deadlines, to learn independently, to communicate effectively with a variety of people and to write well is required.

We encourage people from historically underrepresented communities in technology to apply, including but not limited to women, people of color, people with disabilities, people of all age brackets, people with complex work and life histories, and those who identify as LGBTQ. We are a distributed team with hubs in the Denver area and Madison. Denver/Boulder is preferred, but candidates living anywhere are encouraged to apply and will not be required to relocate. US work authorization required.