IT Security Analyst

Creating a better way. It’s more than just the philosophy we were founded on. It’s our purpose. For our employees, it means more time with patients. Unrushed visits to build meaningful relationships. And most importantly, an opportunity to empower our patients to achieve their full potential – at work and in life. Determined to make a difference? Join our health care revolution and be a part of something better.

QuadMed is looking for an IT Security Analyst to join our QuadMed IT team. This is a remote role with occasional travel.

GENERAL PURPOSE OF JOB

The IT Security Analyst assists the Director of Information Security and Compliance in developing, coordinating, and supporting the overall objectives of QuadMed’s information security, risk management and compliance programs. This includes participating in special projects, developing and implementing information security and compliance auditing and monitoring activities, and identifying opportunities to improve QuadMed’s overall risk posture.

Key Responsibilities

• Conducts reviews of organizational and functional activities, evaluating the adequacy and effectiveness of information technology security controls. (IT General Controls/Splunk/Nessus/3rd Party)
• Performs regular audits and participates in a variety of special projects to improve systems or processes and/or to reduce organizational risks. (IT General Controls, SOC2, PCI, HIPAA)
• Assists with the development of risk and threat matrices to track organizational risks and mitigation efforts. (Scorecards, Security reporting, System vulnerability tracking)
• Coordinates and assists with third party audits and assessments (HIPAA, Risk, DR, PCI, SOC2).
• Assists with security risk assessments for new and current third-party vendors. (VSQ, BDS, SOC 2)
• Collaborates with other departments to implement process improvement or remediation activities as generated by findings from internal / external audits.
• Utilizes reporting tools to identify questionable user behaviors such as inappropriate access, irregular usage patterns, excessive account lock outs or other activities.
• Identifies, prepares and maintains appropriate and required data, records, reports and other documentation relevant to carrying out all the above activities and assists with reporting the business’ performance in these areas.
• Coordinates employee education, awareness, training and testing activities including phish and insider threat testing.
• Actively seeks knowledge of new, automated, or more efficient auditing and monitoring techniques to increase departmental and/or organizational efficiency and effectiveness.
• Helps coordinate the reviews of system documentation, and security or compliance related policies and procedures.

Interested in remote work opportunities in Cyber Security? Discover Cyber Security Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.

• Performs other duties as assigned to support departmental initiatives as well as overall strategic goals and objectives of the Company.
  
  

Education

JOB REQUIREMENTS

• Bachelor’s Degree from a four-year college or university in business, healthcare, information technology, security or a related field required
  
  

Experience

• The ideal candidate will have at least one (1) year experience in a healthcare setting, most notably in a HIPAA, privacy, security or audit/compliance-related role.
  
  

Certificates, Licenses, Registrations

• Certifications in areas of healthcare compliance, privacy, security, health information management, risk management assurance, internal auditing, and/or Epic Systems preferred
  
  

Knowledge, Skills & Abilities

• Knowledge of healthcare laws and regulations, auditing and monitoring principles, risk management, electronic health record systems and a strong ability to interpret and present multifaceted concepts and analyses.
• Knowledge and experience with HIPAA and other privacy-related regulations and the application of these regulations in a healthcare setting, or a similar job that required interpretation of complex regulations and communication of same to all levels of workforce.
• Requires analytical and problem-solving skills to ensure that internal controls, policies and procedures are being followed consistently in order to safeguard the Company’s assets, verify the accuracy and reliability of its data, and promote adherence to the prescribed policies, resulting in recommendations that add value for process improvements throughout all areas of the organization.
• Individual must possess excellent attention to detail, strong writing and verbal communications skills, and be able to make critical decisions based on data analysis.
• Highly collaborative individual with ability to influence others and build strong professional relationships.
• Maintains a high degree of creditability, independence, integrity, confidentiality and trust.
• Ability to work independently, make independent judgments and set priorities.
• Demonstrated ability to research, compile and analyze regulatory and business information, assess compliance or other business risks, and provide feedback as to resolutions or recommendations for process improvement.
• Proven ability to work effectively with diverse populations and a demonstrated commitment to fostering inclusion.
• May require occasional travel.
  
  

Harry Quadracci was determined to do things differently, and to do them better. In 1991, the visionary print manufacturing CEO founded QuadMed out of the belief that there had to be a better way to provide his employees with access to affordable, high-quality health care. And what started as doing the right thing, ended up sparking a health care revolution. Now 30 years later, we partner with employers across the nation to provide value-driven health and wellness services in or near the workplace. With a focus on breaking down cost, access and quality barriers, we empower employees and their families to live healthier, happier lives.

We offer excellent benefits to eligible employees, including 401(k), holidays, vacations and more.

QuadMed and Quad is proud to be an equal opportunity employer. We are committed to creating a place of belonging — a space where employees do not need to sacrifice who they are to exist and grow in our workplace. QuadMed and Quad does not discriminate on any unlawful basis including race, religion, color, national origin, disability, gender, gender identity, sexual orientation, age, marital status, veteran status, genetic information, or any other basis prohibited by applicable federal, state, or local laws. QuadMed and Quad also prohibits harassment of applicants and employees based on any of these protected categories.

Drug Free Workplace

Technology