As a Security Risk and Compliance Analyst, your role is essential in maintaining the security and compliance of our AWS cloud-centric systems. You will support security, risk, audit, and compliance activities related to TransactRx systems. Additionally, you will contribute to planning for HITRUST and SOC 2 certifications.
- Support security-related policies and procedures.
- Assist in the development and enhancement of security processes.
- Help with HITRUST and SOC 2 certifications and support maturity in security and compliance endeavors.
- Stay current with the security threat landscape for the industry.
- Monitor security systems and alerts.
- Analyze alerts, escalate, and track as needed.
- Run assigned security controls and tools.
- Obtain security product training (i.e. AWS tools, Qualys, Threatlocker, etc.)
Education/Training
- Bachelor of Science in Information Technology, Computer Science, or related field
Required Work Experience/Skills
- 3+ years of experience in Information Security roles.
- Obtain security and product certifications.
- Proven capability to think critically and thrive in a fast-paced, ambiguous environment.
Preferred Work Experience/Skills
- Knowledge of AWS cloud infrastructure.
- Familiarity with security controls, security policies and procedures.
- Operation and maintenance of security and compliance tools such as SIEM, vulnerability scanning, endpoint tools
- Awareness of security practices and controls to address security risks, applying frameworks such as NIST, COBIT, and ISO.
- Understanding of IT Compliance and Security principles.
- Strong oral and written communication skills.
Discretionary Judgment
- Uses independent judgment and discretion based upon the employee’s experience in the position and knowledge of the products, equipment, and services.
- Uses good judgement and possesses ethical work values.
Physical Demands, Working Conditions, and General Employment Guidelines
- Moderate or high levels of stress may be experienced in the performance of the job.
- Position is performed in a general office environment, home office, or approved remote workspace where physical work includes, but is not limited to, sitting, standing, reaching, kneeling, bending, and lifting to 25 lbs.
Equipment
- Daily use of the Microsoft Teams (phone), computer, printer, and other routine office equipment.
- Must have internet access.
Safety to Self and Others
- Little responsibility for safety of others. Job is performed in an office or at home setting where there are no hazardous materials or equipment.
- Position is performed in an open office environment or approved remote work location.
- Remote, some travel may be required (<10%)