Post Jobs

Security Compliance Analyst

Full Time

Website HealthVerity

How you will help
As a part of our SecOps team, you will be at the front line of our security monitoring, risk assessment, escalation, and remediation processes. You will deep dive on security alerts, help tune monitoring and alerting systems, and investigate and analyze risks to our people, processes, systems, and data.
What you will do
• Manage and triage NIST 800-53, FedRAMP and related security issues and non-compliance events
• Manage compliance monitoring including inventory, vulnerability management, POA&M and continuous monitoring and reporting and other recurring compliance activities
• Lead and support security policy and procedure maintenance and documentation improvements
• Manage security information gathering (SIG) requests by ensuring accurate and timely vendor and data partner responses
• Lead and support annual third-party assessment organization and other 3rd-party risk assessment activities
• Assist with coordination required security training activities
• Lead and support contingency planning and incident response testing and training.
About You
• Security is a priority in everything you do
• Hold basic familiarity with HIPAA, NIST 800-53 and security compliance frameworks
• Keep up to date on data science tools and distributed computing methodologies
• Familiar with scalable and/or cluster compute architectures
• Know the relevance of monitoring and measuring systems to identify challenges and risks
• Comfortable with Shell scripting, Python, Ruby, or similar languages.
Desired Skills and Experience
• 2-5 years information security and/or system administration experience under Linux-focused on patching, configuration management, and vulnerability remediation
• ISC2, SANS or similar security certifications
• Working knowledge of Nmap, Nessus, OpenVPN, tcpdump, OpenSSL and other security related tools
• Comfortable with scripting in Python and Bash
• Understanding of data network configuration and infrastructure concepts, including TCP/IP, DNS, routers, internet/intranet/extranet, firewalls, web servers and security hierarchy including the application of encryption key infrastructures and authentication processes.
HealthVerity security team members are trustworthy company advisors. As such, we will ask for your certification details in order to verify authenticity.
Let us apply for you (from 10$)

To apply for this job please visit jobs.lever.co.