Position Overview
The Senior Information Security Analyst will work closely with the Enterprise Risk and Information Security Officer to provide timely and quality service to ensure compliance with Neighborhood's information security and risk policies and procedures. This position will be responsible for maintaining continuous monitoring of activities in support of the HITRUST control framework. The Senior Information Security Analyst is a member of an oversight function and supports information security, risk, and compliance governance across the enterprise. This role will assist in establishing information security requirements through the evaluation and understanding of business strategies and processes, developing applicable information security standards, and executing control assessments to provide recommendations and develop requirements to remediate identified control gaps.
Duties and Responsibilities
Responsibilities include, but are not limited to, the following:
- Responsible for the continuous monitoring program to assert the control environment is operating effectively
- Develop Security Control Monitoring Test Plans and Schedule
- Establish ownership of the controls, schedule regular assessments, and testing
- Report control failures and gaps to stakeholders, provide recommendations and assist in developing solutions, and prepare management reports to track remediation activities
- Develop and implement security policies, procedures and requirements, as well as collaborate with control owners to help implement and track enforcement of output
- Perform technology risk and controls assessments such as account control assessments for systems, applications, infrastructure, and operational processes
- Track corrective action plans for identified information security issues
- Maintain inventory of exceptions to Information Security policy, standard, control, and configuration requirements
- Manage priorities, perform tasks in an orderly fashion, and meet deadlines. Provide support to one or more projects simultaneously. Delivers projects on schedule.
- Develop key IT metrics (KPIs and KRIs) and prepare reports for the Enterprise Risk and Information Security Officer and Senior Leadership, reporting on Information Security program achievements, successes, challenges and opportunities for improvement
- Assist and train junior team members in the use of security tools, the preparation of security reports and the resolution of security issues
- Analyze problems and alternative solutions and take appropriate timely action to achieve desired business results. Seeks unique and novel solutions to problems and considers impact of final resolution
- Educate internal teams on information security best practices.
- Assist in technical audits of IT Systems and controls.
- Job Knowledge - Remains up to date in assigned area of responsibility; possesses skills and knowledge to perform job effectively, efficiently and safely; acquires, understands, and applies technical and professional information and skills; understands and adheres to policies and procedures
- Performs other duties as required.
- Corporate Compliance Responsibility - As an essential function, responsible for complying with Neighborhood's Corporate Compliance Program, Standards of Business Conduct, applicable contracts, laws, rules and regulations, policies and procedures as they apply to individual job duties, the department, and the Company. This position must exercise due diligence to prevent, detect and report unlawful and/or unethical conduct by fellow co-workers, professional affiliates and/or agents.
Travel Expectations:
Neighborhood is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status or any other legally protected basis.
Qualifications
Required:
- Bachelor's degree in computer science, information systems, or related field or sufficient education and relevant work experience to equate to a degree.
- Minimum of five (5) years' experience in an information security or IT related professional role.
- Knowledge of security issues, techniques, and implications across computing platforms.
- Experience implementing and reporting on continuous monitoring of information security, risk and privacy controls
- Sound knowledge of NIST Cyber Security Framework, Risk Management Framework, and Cloud Security Alliance - Cloud Security Controls matrix.
- Experience in Information Security best practices
- Strong written and verbal communication skills, professional attitude
- Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors and IT-business personnel
- Strong analytical and problem-solving skills to enable effective security incident and problem resolution
- Demonstrates agility and is flexible with changing priorities
Preferred:
- Experience in information security for insurance or healthcare/health plan industries
- Information Security certification (CISSP, CISM, CISA, or Security+)
- Experience with Governance/Risk/Compliance (GRC) tools
- Experience in developing, communicating, and executing new programs
- An aptitude for data collection and analysis, statistics, visual presentation methods and process mapping and modeling.
- Experience reporting/presenting to senior management, the Board, and/or Committees of the Board on the status of information security.
Salary Grade: I/T