MBI Digital is looking for a Security Operations Compliance Analyst with a minimum of 3 years' experience working on Healthcare control frameworks and supporting QA teams.
The Security Operations Compliance Analyst is responsible for overseeing and implementing security measures, policies, and procedures to maintain compliance with industry standards, regulations, and internal protocols. You will work closely with the security operations team to ensure that security practices align with legal and regulatory requirements.
This is a 100% remote opportunity. The project engagement is for 6 months with the possibility of extension. The candidate should be willing to work in the EST time zone.
Role and Responsibilities:
Write new/update existing control questions, risk impacts, evidence requirements, recommended remediation actions, etc.
Write new/update audit protocols.
Develop/update tiering methodology.
Creation/maintenance of risk scoring rubrics, Impact/Likelihood factors and scales, and Risk Rating matrices.
Train security operations staff on updates to methodology and content.
Documentation/training required for success.
Serve as an escalation point for interpretation questions related to vendor assessment responses, risk methodology, and customer clarification questions.
Research new frameworks & regulations that we need to cover with our solution, and subsequently update control questions, evidence requirements and recommended remediations if necessary.
Research security technologies to enhance our offering in the market and stay on pace with or ahead of competitors.
Day-to-day Change Management of Client Intellectual Property, security content and existing questionnaires.
Keep external-facing methodology content current in support of Sales, Marketing, & customer FAQ.
Keep internal-facing staff Knowledge Base content current.
Collaborate with the product team to develop mockups and write/edit security-relevant content for product features & customer deliverables.
Documentation and Reporting: Maintain comprehensive records of compliance activities, prepare reports, and present findings to management, highlighting areas of compliance strength and areas needing improvement.
Required skills and Qualifications:
3+ years industry experience in Healthcare Security Control frameworks and standards
Excellent communication skills to liaise with various stakeholders and convey complex security concepts effectively
Detail-oriented and analytical mindset
Ability to work independently and as part of a team
Strong problem-solving skills
Self-motivated and driven by curiosity to learn and solve problems
Bachelor’s degree in Computer Science, Information Security, or related field.
11th December 2023