Security Risk and Compliance Intern
at PatientPoint

Summary

Join PatientPoint to contribute to improving health outcomes for millions of patients nationwide by providing support for maturing and optimizing information security governance, risk management, and compliance capabilities across PatientPoint’s footprint.

Requirements

• Currently pursuing a Bachelor's in Computer Science, Information Security, or a related degree. GPA of 3.0 or higher
• Good interpersonal communication skills with experience in collaborating with internal and external partners to produce positive security risk management outcomes
• Ability to learn quickly, take ownership of new projects, and adopt new technologies and methodologies
• Basic understanding of risk assessment methodologies and best practices
• Proficiency with productivity and collaboration tools such as Microsoft Office, Slack, Box, and Zoom

Responsibilities

• Provide support in the implementation of security projects aligned with PatientPoint’s business needs to further mature our information security governance, risk, and compliance program, including building dashboards, updating and maintaining risk registers, and assisting in automation
• Diligently take up and accomplish daily Risk and Compliance tasks to achieve the team's goals within defined deadlines
• Conduct Vendor Risk Assessments to proactively reduce the risks originating from third parties
• Provide support in responding to security tickets
• Assist in maintaining the annual security compliance and audit calendar, including FedRAMP, SOC 2, and ISO 27001:2013 audits, as well as customer-initiated audits
• Assist with maintaining information security program documentation, consisting of security policies, standards, and guidelines, and coordinating management ratification of these policies at regular intervals
• Participate in improving the overall security culture across PatientPoint by providing ideas and input aligned with addressing identified risks and compliance gaps in training course materials

Preferred Qualifications

• Experience or knowledge of FedRAMP, SOC 2, or ISO 27001:2013 audits
• Strong organizational skills and ability to manage documentation, including policies, standards, risk assessment reports, and other security risk management documentation
• Excellent presentation and written communication skills with a team-focused attitude

Benefits

• Competitive compensation
• Flexible time off to recharge
• Hybrid work options
• Mental and emotional wellness resources
• 401K plan