Remote Information Security Governance Analyst

At Shields, we pride ourselves on our culture of inclusion and kindness and the difference we make in patients’ lives every day. We are tremendously proud to be certified as a ‘Great Place to Work’ four years in a row. In 2022, we were awarded US Fortune Best Workplaces in Health Care™, Fortune Best Workplaces for Millennials™ & Fortune Best Workplaces for Women™.

Improving lives and elevating performance are at the heart of everything we do. That’s why more health system leaders trust Shields to elevate access, outcomes and growth within specialty pharmacy — delivering value throughout the entire health system. Leveraging our proven Shields Performance Platform – we deliver the financial results that health systems demand and the superior outcomes patients deserve. With the foremost leaders in specialty pharmacy on our team; proven success partnering with more than 70 health systems; and a vested interest in delivering measurable results – we are the partner health systems trust to transform their specialty pharmacy into a powerful growth engine and elevate performance where it matters most.

Information Security Governance Analyst

As a member of the Shields Health Solutions Information Security and Infrastructure Team, the responsibility of Information Security Governance Analyst is to help support the day-to-day operations related to policy compliance, organizational policies and security requirements. In addition, you will be responsible for completing IT Risk Management tasks.

Qualifications:

• Bachelor’s degree in information technology, business, or related field; or equivalent combination of education and experience required
• Minimum of 2 years of Risk Management, Information Security, IT Auditing or equivalent experience
• Demonstrate a strong understanding of Information Security, IT environments and their impact on business risk
• Understanding of HIPAA, GDPR, and other local, state, and federal privacy laws and regulations
• Familiar with NIST, HITRUST, and other information security frameworks
• Strong interpersonal skills with the ability to work effectively in a matrixed environment
• Easily adapt to a rapidly evolving, cybersecurity environment as it relates to changes in strategy and risk
• Strong organizational skills and attention to detail
• Ability to develop a strategy, and design and execute on the associated plan
• Self-motivated and able to handle tasks with minimal supervision
• Ability to deliver a high level of customer service
• Proficient in Microsoft Office applications and collaboration tools: Word, Excel, Outlook, Teams
• Believe in Shields Health Solutions core values: Accountability, Teamwork, Integrity and Trust, Leadership, and Kindness

Role and Responsibilities – Detail:

• Work with team members on completing privileged access reviews, user entitlement reviews, and user reviews across a number of Shields operating environments, applications, and third-party solutions
• Execute Shields Health Solutions Vendor Risk Management Plan
  • Interface with Shields IT vendors to collect, review and keep required document sets up to date
  • Work with vendors to remediate findings found by Shields cybersecurity ratings and insights partner, RiskRecon
  • Administer through completion inherent risk questionnaires and vendor risk/security questionnaires
• Complete other internal audit tasks month, quarterly, annually or as required including but not limited to:
  • Badge access reviews
  • Asset inventory
  • Software allowed and disallowed lists
  • Application risk review
  • Policy, standards and procedure document review
• Prepare status reports and presentations on a timely and routine basis
• Keep up with current Information Security best practices and industry trends. Communicate and apply these practices to policy and process improvement
• Perform other team duties as assigned

California residents employed by or applying for work at Shields have certain privacy rights. Please review our: California Workforce Privacy Notice and Privacy Policy.

Shields Health Solutions provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.