Information Security Analyst

Skills

As a Senior Information Security Analyst you will be a key member of our security team responsible for safeguarding our organization's systems and data from cyber threats. Your primary focus will be assessing security risks developing and implementing security measures and ensuring compliance with regulations contractual requirements and established policies and standards. You will play a crucial role in supporting our Federal business teams and must have an understanding of FedRAMP NIST 800-53 HIPAA and/or FIPS. This role requires expertise in cybersecurity practices excellent analytical skills and the ability to collaborate effectively with cross-functional teams. Our preferred candidate will have experience with one or more Federal agencies including CMS HHS or HRSA.

Description

Headquartered in West Des Moines, Iowa with over 600 employees, Telligen is helping people live their healthiest lives by delivering true results for state/federal programs & health plan sponsors. - https://www.telligen.com/
Telligen is one of the most respected population health management organizations in the country. We work with state and federal government programs, as well as employers and health plans offering clinical, analytical, and technical expertise.
Whether helping an employer improve the health and well-being of its employees, a state Medicaid director with cost containment or managing federal programs that are advancing innovation in healthcare delivery, the depth and breadth of our healthcare expertise is what sets us apart. For more than 50 years, Telligen solutions have been delivering true results for health plan sponsors and federal and state programs.
Specialties: Cost Containment, Data Analytics, Wellness & Well-Being, Quality Improvement, Health & Wellness, Clinical Quality Measures, Long-Term Services and Supports, Evidence-Based Medicine, Quality Payment Program, and Medicaid Utilization Management

Responsibilities

• Develop and implement security standards, policies, and procedures to safeguard resources ensuring compliance with HIPAA, NIST, FedRAMP, and/or HITRUST requirements.
• Evaluate security and privacy risks by balancing business drivers, best practices, and external drivers. Provide proactive solutions or recommendations through collaboration across business units.
• Security Operations and Vulnerability Management
• Support vulnerability management activities. Validate creation, documentation, and completion of Plans of Action and Milestones (POA&Ms)
• Lead computer security incident response efforts including but not limited to preparing executive summaries, recommending mitigation strategies, and tracking remediation efforts.
• Facilitate BCP/DR planning including coordination of documentation and testing.
• Lead the creation and ensure the ongoing maintenance of documentation for multiple systems including but not limited to risk assessments, privacy impact assessments, and security plans. Validate compliance of documentation with government and industry standards.
• Maintain accurate and up-to-date documentation of incidents, tickets, vulnerabilities, and compliance activities.
• Work closely with Federal contract teams to ensure implementation of security controls and best practices as required by the contract.
• Stay current with industry trends, emerging threats, security technologies, and pertinent regulations.
• Provide guidance and mentorship to junior members of the security team.
• Be timely with response, use professional communication, and approach vulnerability and risk management from the perspective of business enablement.

Educational Requirements

• 5-7 years of work experience in IT in one or more areas of infrastructure, application development, database, and systems management
• 3 or more years of experience must be in an information security role with demonstrated working knowledge of information security, federal and state rules and regulations, company/business unit operations, compliance policies, procedures, and/or programs in the area of assignment
• 2-year degree in Information Technology, Information Security, or related field and/or equivalent training and/or experience.
• Bachelor’s degree in Computer Science, MIS, Information Assurance, or a related field is preferred
• Experience working with FedRAMP, NIST 800-53, HIPAA, and/or FIPS
• Industry-standard certification (CISSP, SSCP, GSNA, or CISA) is preferred.
• Preferred candidate will have experience with one or more Federal agencies including CMS, HHS, or HRSA.
• Experience with NIST, ISO, and HIPAA requirements/guidance is highly desirable.