Senior Audit Analyst (Information Security)
Remote, USA
Applications have closed
PointClickCare
PointClickCare is the leading healthcare technology platform enabling meaningful collaboration and access to real-time insights at any stage of a patient’s healthcare journey. PointClickCare’s single platform spans the care continuum, fostering proactive, holistic decision-making and improved outcomes for all. Over 25,000 long-term post-acute care providers, and over 2,700 hospitals use PointClickCare today, enabling care collaboration and value-based care delivery for over 195 million lives across the U.S. For more information on PointClickCare, please connect with us on Glassdoor and LinkedIn.
Attention Experienced Auditors and Assurance Professionals!Meet the Role:The Senior Analyst is a unique position that allows you to work with both the Security and Trust team and the Legal and Compliance team. You will have the opportunity to contribute to the development and maturity of PointClickCare’s Security Compliance Program and lay the building blocks of the Risk Management program. In this role, you will be responsible for facilitating audits (SOC 1, SOC 2, HITRUST) and formalizing the risk management function within the company by working collaboratively with internal teams, SMEs, external customers, auditors, vendors, and other stakeholders.· Liaise for internal and external audits (SOC 1, SOC 2, HITRUST), including control testing, gathering and validating evidence, remediating gaps, and facilitating audit discussions.· Work with stakeholders to achieve compliance to frameworks such as NIST, HIPAA/HITRUST, GDPR· Lead compliance assessments, initiatives and projects· Lead security user awareness training campaigns· Partner with the relevant teams to support completion of security questionnaires and RFPs from customer and vendors· Ensure compliance requirements and best practices are incorporated during the configuration of the Cloud platform; monitor and manage the cloud compliance program· Lead system audits, reviews, and tests to verify compliance with security policies and standards.· Partner in operationalizing risk management to all areas of the business, by identifying and assessing risks to systems and processes, and recommending remediation strategies· Collaborate with engineering, product, and cloud teams to lead effective process improvements· In addition to identifying process/policy/technology improvement gaps; lead the effort in bridging those gaps to achieve the desired state. · Assist the team in security incidents, as necessary, by identifying areas of non-compliance· Other duties as assigned Meet the Team:You will be working in a fast-paced, intellectually challenging and solutions-oriented environment. You will be expected to be proactive in understanding the requirements, analyzing any gaps and recommending solutions and strategy. This is your chance to contribute to the formalization and operationalization of Compliance at PointClickCare. You will work closely with the Security & Trust team on security-compliance and risk-driven projects, as well as the Legal & Compliance team on regulatory compliance projects.
When you apply for a position, your information is processed and stored with Lever, in accordance with Lever’s Privacy Policy. We use this information to evaluate your candidacy for the posted position. We also store this information, and may use it in relation to future positions to which you apply, or which we believe may be relevant to you given your background. When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it. If you have any questions about how PointClickCare uses or processes your information, or if you would like to ask to access, correct, or delete your information, please contact PointClickCare’s human resources team: recruitment@pointclickcare.com
Attention Experienced Auditors and Assurance Professionals!Meet the Role:The Senior Analyst is a unique position that allows you to work with both the Security and Trust team and the Legal and Compliance team. You will have the opportunity to contribute to the development and maturity of PointClickCare’s Security Compliance Program and lay the building blocks of the Risk Management program. In this role, you will be responsible for facilitating audits (SOC 1, SOC 2, HITRUST) and formalizing the risk management function within the company by working collaboratively with internal teams, SMEs, external customers, auditors, vendors, and other stakeholders.· Liaise for internal and external audits (SOC 1, SOC 2, HITRUST), including control testing, gathering and validating evidence, remediating gaps, and facilitating audit discussions.· Work with stakeholders to achieve compliance to frameworks such as NIST, HIPAA/HITRUST, GDPR· Lead compliance assessments, initiatives and projects· Lead security user awareness training campaigns· Partner with the relevant teams to support completion of security questionnaires and RFPs from customer and vendors· Ensure compliance requirements and best practices are incorporated during the configuration of the Cloud platform; monitor and manage the cloud compliance program· Lead system audits, reviews, and tests to verify compliance with security policies and standards.· Partner in operationalizing risk management to all areas of the business, by identifying and assessing risks to systems and processes, and recommending remediation strategies· Collaborate with engineering, product, and cloud teams to lead effective process improvements· In addition to identifying process/policy/technology improvement gaps; lead the effort in bridging those gaps to achieve the desired state. · Assist the team in security incidents, as necessary, by identifying areas of non-compliance· Other duties as assigned Meet the Team:You will be working in a fast-paced, intellectually challenging and solutions-oriented environment. You will be expected to be proactive in understanding the requirements, analyzing any gaps and recommending solutions and strategy. This is your chance to contribute to the formalization and operationalization of Compliance at PointClickCare. You will work closely with the Security & Trust team on security-compliance and risk-driven projects, as well as the Legal & Compliance team on regulatory compliance projects.
About You
- Post-secondary degree or diploma in Business Management, Security or similar
- Experience leading audits, compliance assessments and certifications, such as HITRUST, NIST and SOC 1/2 etc.
- Significant experience in information security, audit, compliance, risk management or related occupation. Demonstrated knowledge of each of these areas is a big plus!
- Technical expertise in understanding and interpreting system (incl. cloud computing platforms), security and audit requirements
- Proven knowledge of security and compliance frameworks and best practices such as NIST, COBIT, HITRUST
- Superior interpersonal and communication skills
Nice to Have
- Familiarity with data protection regulations such as HIPAA and GDPR (or a strong desire to learn it)
- Experience in design and implementation of information security policies and controls
- Experience in performing risk assessments
- Demonstrated knowledge of risk management methodologies
What will make you stand out!
- Security compliance certifications such as Azure Compliance, CISA, CISSP, CEH, WS Cloud Practitioner, AWS Certified Solutions Architect Associate or similar
- Experience from Big 4 consulting companies #LI-JW1#LI-Remote
When you apply for a position, your information is processed and stored with Lever, in accordance with Lever’s Privacy Policy. We use this information to evaluate your candidacy for the posted position. We also store this information, and may use it in relation to future positions to which you apply, or which we believe may be relevant to you given your background. When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it. If you have any questions about how PointClickCare uses or processes your information, or if you would like to ask to access, correct, or delete your information, please contact PointClickCare’s human resources team: recruitment@pointclickcare.com
Tags: Audits AWS Azure CEH CISA CISSP Cloud COBIT Compliance GDPR HIPAA HITRUST NIST Privacy Risk management SOC 1 SOC 2 Strategy
Regions:
Remote/Anywhere
North America
Country:
United States
Job stats:
9
2
0
Category:
Analyst Jobs
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs