IT Security Risk Specialist
Remote, United States
Datavant
Datavant protects, connects, and delivers the world’s health data to power better decisions and advance human health. We are a data logistics company for healthcare whose products and solutions enable organizations to move and connect data securely. Datavant has a network of networks consisting of thousands of organizations, more than 70,000 hospitals and clinics, 70% of the 100 largest health systems, and an ecosystem of 500+ real-world data partners.
By joining Datavant today, you’re stepping onto a highly collaborative, remote-first team that is passionate about creating transformative change in healthcare. We hire for three traits: we want people who are smart, nice, and get things done. We invest in our people and believe in hiring for high-potential and humble individuals who can rapidly grow their responsibilities as the company scales. Datavant is a distributed, remote-first team, and we empower Datavanters to shape their working environment in a way that suits their needs.
Working in an enterprise capacity and as a professional colleague within the IT Security and Governance Department, the IT Security Risk Specialist is primarily responsible for responding to client security assessments and for engaging with Client Success, Operations Management, and Client contacts to ensure successful completion of any security assessment reviews or request for proposal (RFP) bids. This is a highly visible position, as you will be the day-to-day face of IT Security & Governance with our customers and internal stakeholders.
This role will also serve as a resource to support Datavant’s Third Party Risk Management Program by performing vendor oversight processes as needed. This position strategically supports key initiatives including evolving and enhancing Client Service offerings.
- Collaborate with internal business partners, along with client and vendor contacts to ensure that audits and/or questionnaires are completed accordingly;
- Track all remediation issues for Clients, and coordinate with Compliance for reporting any open issues in the enterprise risk register;
- Provide Management with feedback on any areas of non-compliance with client obligations or regulatory requirements, or areas of increasing security or compliance focus by clients through assessments or contracts;
- Assist as needed in conducting regular assessments of vendors to ensure compliance with all regulatory requirements to reduce/mitigate risks;
- Provide Management with best practices and process improvement opportunities regarding Client Assurances and Third Party Risk Management processes;
- Assist in updating policies and procedures;
- Interface with all business units to support business risk reduction initiatives;
- Provide monthly metrics to management as requested;
- Other duties as assigned by management.
What You Will Bring to the Table:
- Bachelor’s Degree in a business-related field.
- Minimum 3 years relevant experience completing security assessments, internal controls testing, and risk assessments for both clients and vendors.
- Exceptional interpersonal and communication skills – both written and verbal.
- Solid understanding of and experience with control frameworks or industry standards (such as HITRUST, NIST, FedRAMP, Sarbanes-Oxley, or other control methodologies).
- Understanding of risks and controls.
- Ability to travel up to 30%.
Bonus Points if:
- Experience should be within IT audit, IT Security, Internal Audit, or Compliance Management.
- Experience working in a GRC tool and other automated technologies.
- Ability to effectively communicate with business and technology stakeholders.
- Strong commitment to customer service.
- Self-starter and ability to work independently.
- Ability to comprehend policies, standards, procedures, control frameworks, and regulations.
We are committed to building a diverse team of Datavanters who are all responsible for stewarding a high-performance culture in which all Datavanters belong and thrive. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.
Our compensation philosophy is to be externally competitive, internally fair, and not win or lose on compensation. Salary ranges for this position are developed with the support of benchmarks and industry best practices.
We’re building a high-growth, high-autonomy culture. We rely less on job titles and more on cultivating an environment where anyone can contribute, the best ideas win, and personal growth is driven by expanding impact. The range posted is for a given job title, which can include multiple levels. Individual rates for the same job title may differ based on their level, responsibilities, skills, and experience for a specific job. The estimated salary range for this role is $98,000 - $128,000.
At the end of this application, you will find a set of voluntary demographic questions. If you choose to respond, your responses will be anonymous and used to help us identify areas of improvement in our recruitment process. (We can only see aggregate responses, not individual responses. In fact, we aren’t even able to see if you’ve responded or not.) Responding is your choice and it will not be used in any way in our hiring process.