IT Security Analyst

About The Company

QuadMed was founded in 1991 by Harry Quadracci, a visionary CEO dedicated to transforming healthcare delivery. Rooted in the philosophy of creating a better way, QuadMed aims to provide high-quality, affordable health care access to employees and their families. Over the past three decades, the company has pioneered a health care revolution by partnering with employers nationwide to deliver value-driven health and wellness services directly within or near the workplace. Our mission is to break down barriers related to cost, access, and quality, empowering individuals to lead healthier and happier lives. With a commitment to innovation and excellence, QuadMed continues to evolve as a leader in health care solutions, fostering a culture of integrity, inclusion, and continuous improvement.

About The Role

We are seeking a dedicated IT Security Analyst to join our dynamic QuadMed IT team. This remote position offers the flexibility to work from anywhere, with occasional travel requirements. The primary responsibility of this role is to support and enhance the organization’s information security, risk management, and compliance initiatives. The IT Security Analyst will work closely with the Director of Information Security and Compliance to develop, implement, and monitor security controls, conduct audits, and identify opportunities for strengthening our security posture. This role is crucial in safeguarding sensitive health information, ensuring regulatory compliance, and supporting the organization’s strategic objectives in a rapidly evolving healthcare environment.

Qualifications

The ideal candidate will possess a Bachelor’s Degree in Business, Healthcare, Information Technology, Security, or a related field from an accredited institution. At least one year of experience working within a healthcare setting, particularly in roles related to HIPAA, privacy, security, or compliance, is preferred. Certifications such as healthcare compliance, privacy, security, health information management, risk management assurance, internal auditing, or Epic Systems are highly desirable. Candidates should demonstrate strong knowledge of healthcare laws and regulations, auditing principles, risk management, and electronic health record systems. Excellent analytical, problem-solving, communication, and interpersonal skills are essential, along with the ability to work independently and collaboratively in a fast-paced environment. The role may require occasional travel to support audits and training sessions.

Responsibilities

• Conduct comprehensive reviews of organizational activities to evaluate the effectiveness of information technology security controls, including IT General Controls, Splunk, Nessus, and third-party assessments.

Interested in remote work opportunities in Cyber Security? Discover Cyber Security Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.

• Perform routine audits and participate in special projects aimed at improving systems, processes, and reducing organizational risks related to IT security, SOC2, PCI, HIPAA, and other standards.
• Assist in developing risk and threat matrices to monitor organizational risks, mitigation efforts, and security reporting, including system vulnerability tracking and scorecards.
• Coordinate and support third-party audits and assessments, ensuring compliance with HIPAA, Risk, Disaster Recovery, PCI, and SOC2 requirements.
• Support security risk assessments for current and prospective third-party vendors, utilizing tools such as VSQ, BDS, and SOC 2 reports.
• Collaborate with various departments to implement process improvements and remediation activities based on audit findings, ensuring continuous compliance and security enhancement.
• Utilize reporting tools to detect questionable user behaviors, such as inappropriate access, irregular usage patterns, or excessive account lockouts, and take appropriate action.
• Maintain accurate documentation, records, reports, and data relevant to security activities, and assist in reporting organizational performance in security and compliance areas.
• Coordinate employee education, awareness, and training initiatives, including phishing simulations and insider threat testing, to promote a security-conscious culture.
• Continuously seek knowledge of emerging automated auditing and monitoring techniques to improve departmental efficiency and organizational security posture.

Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.

• Assist in reviewing and updating system documentation, security policies, and procedures to align with current standards and best practices.
• Perform additional duties as assigned to support departmental initiatives and the company’s strategic objectives.
  
  

Benefits

QuadMed offers a comprehensive benefits package designed to support the health, well-being, and financial security of our employees. Eligible employees enjoy medical, prescription, dental, and vision insurance plans that promote overall wellness. We provide a 401(k) retirement savings plan with company contributions to help secure your financial future. Paid time off, holidays, and additional leave options are available to support work-life balance. Our benefits package also includes professional development opportunities, wellness programs, and a supportive work environment that encourages growth and inclusion. We are committed to fostering a culture that values diversity, equity, and inclusion, ensuring all employees feel valued and respected.

Equal Opportunity

QuadMed and Quad are proud to be equal opportunity employers. We are committed to creating an inclusive workplace where all employees and applicants are treated with respect and fairness. We do not discriminate on the basis of race, religion, color, national origin, disability, gender, gender identity, sexual orientation, age, marital status, veteran status, genetic information, or any other protected characteristic under applicable federal, state, or local laws. Additionally, we prohibit harassment or discrimination of any kind and promote a culture of belonging and mutual respect. We believe that diverse perspectives and experiences strengthen our organization and enable us to better serve our patients and communities.