Senior Audit Analyst (Information Security)

Remote, USA

PointClickCare is the leading healthcare technology platform enabling meaningful collaboration and access to real-time insights at any stage of a patient’s healthcare journey. PointClickCare’s single platform spans the care continuum, fostering proactive, holistic decision-making and improved outcomes for all. Over 25,000 long-term post-acute care providers, and over 2,700 hospitals use PointClickCare today, enabling care collaboration and value-based care delivery for over 195 million lives across the U.S. For more information on PointClickCare, please connect with us on Glassdoor and LinkedIn.
Attention Experienced Auditors and Assurance Professionals!Meet the Role:The Senior Analyst is a unique position that allows you to work with both the Security and Trust team and the Legal and Compliance team. You will have the opportunity to contribute to the development and maturity of PointClickCare’s Security Compliance Program and lay the building blocks of the Risk Management program. In this role, you will be responsible for facilitating audits (SOC 1, SOC 2, HITRUST)  and formalizing the risk management function within the company by working collaboratively with internal teams, SMEs, external customers, auditors, vendors, and other stakeholders.·         Liaise for internal and external audits (SOC 1, SOC 2, HITRUST), including control testing, gathering and validating evidence, remediating gaps, and facilitating audit discussions.·         Work with stakeholders to achieve compliance to frameworks such as NIST, HIPAA/HITRUST, GDPR·         Lead compliance assessments, initiatives and projects·         Lead security user awareness training campaigns·         Partner with the relevant teams to support completion of security questionnaires and RFPs from customer and vendors·         Ensure compliance requirements and best practices are incorporated during the configuration of the Cloud platform; monitor and manage the cloud compliance program·         Lead system audits, reviews, and tests to verify compliance with security policies and standards.·         Partner in operationalizing risk management to all areas of the business, by identifying and assessing risks to systems and processes, and recommending remediation strategies·         Collaborate with engineering, product, and cloud teams to lead effective process improvements·         In addition to identifying process/policy/technology improvement gaps; lead the effort in bridging those gaps to achieve the desired state. ·         Assist the team in security incidents, as necessary, by identifying areas of non-compliance·         Other duties as assigned Meet the Team:You will be working in a fast-paced, intellectually challenging and solutions-oriented environment. You will be expected to be proactive in understanding the requirements, analyzing any gaps and recommending solutions and strategy. This is your chance to contribute to the formalization and operationalization of Compliance at PointClickCare. You will work closely with the Security & Trust team on security-compliance and risk-driven projects, as well as the Legal & Compliance team on regulatory compliance projects. 

About You

  • Post-secondary degree or diploma in Business Management, Security or similar
  • Experience leading audits, compliance assessments and certifications, such as HITRUST, NIST and SOC 1/2 etc.
  • Significant experience in information security, audit, compliance, risk management or related occupation. Demonstrated knowledge of each of these areas is a big plus!
  • Technical expertise in understanding and interpreting system (incl. cloud computing platforms), security and audit requirements
  • Proven knowledge of security and compliance frameworks and best practices such as NIST, COBIT, HITRUST
  • Superior interpersonal and communication skills

Nice to Have

  • Familiarity with data protection regulations such as HIPAA and GDPR (or a strong desire to learn it)
  • Experience in design and implementation of information security policies and controls
  • Experience in performing risk assessments
  • Demonstrated knowledge of risk management methodologies

What will make you stand out!

  • Security compliance certifications such as Azure Compliance, CISA, CISSP, CEH, WS Cloud Practitioner, AWS Certified Solutions Architect Associate or similar
  • Experience from Big 4 consulting companies 
  • #LI-JW1#LI-Remote
It is the policy of PointClickCare to ensure equal employment opportunity without discrimination or harassment on the basis of race, religion, national origin, status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information, or any other basis protected by law. PointClickCare welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. Please contact recruitment@pointclickcare.com should you require any accommodations.
When you apply for a position, your information is processed and stored with Lever, in accordance with Lever’s Privacy Policy. We use this information to evaluate your candidacy for the posted position. We also store this information, and may use it in relation to future positions to which you apply, or which we believe may be relevant to you given your background. When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it.  If you have any questions about how PointClickCare uses or processes your information, or if you would like to ask to access, correct, or delete your information, please contact PointClickCare’s human resources team: recruitment@pointclickcare.com

Tags: Audits AWS Azure CEH CISA CISSP Cloud COBIT Compliance GDPR HIPAA HITRUST NIST Privacy Risk management SOC 1 SOC 2 Strategy

Regions: Remote/Anywhere North America
Country: United States
Job stats:  9  2  0
Category: Analyst Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.