Security Analyst - HIPAA - ONSITE

This position is fully onsite in Franklin, TN.

About the Job:
The Security Analyst is responsible for assisting in the review and assessment of SBHC’s regulatory compliance program to ensure alignment with HIPAA, PCI and all other federal, state and local regulations.

Roles and Responsibilities:

• Performs security assessments of security controls (HIPAA, Meaningful Use, PCI, SOX) for the purpose of trend analysis and compliance reporting to enterprise customers through the use of tools and methodologies.
• Documents gaps in security risk assessment process and communicate to leadership opportunity for process improvements.
• Performs assessments of appropriate administrative, physical, and technical safeguards with little supervision to protect the confidentiality, integrity, and availability of confidential or regulated data (SOX, PCI, PHI).
• Performs security risk assessments of new and existing applications, devices and services for the purpose of documenting risks introduced by a new or existing project, program, product or solution.
• Facilitates follow up and track required remediation controls where necessary.
• Documents security exceptions resulting from security risk assessments and assist with review of security exceptions when necessary.
• Performs maintenance and configuration of Security Compliance tools (GRC) to ensure process efficiency and data accuracy.
• Assists with coordinating the remediation of control deficiencies resulting from security risk assessments and track progress and closure.
• Utilizes working knowledge of technologies and methodologies as it relates to operating systems, firewalls, content filtering, access controls, encryption, networking, programming/ scripting, auditing, vulnerability assessments, intrusion management and operations with little oversight to assist the Security Strategy and Compliance team with effective research, data gathering, analysis, metrics, reporting and communications.
• Monitors Information Security tools to identify and communicate to team leadership actionable security risks using industry standard methodologies and best practices.
• Utilizes working knowledge of company-wide Information Systems policies and standards governing individual behavior while accessing Information System resources.

Education/Experience/Skill Requirements:

• High School Diploma or equivalent required, college coursework in computer science, information security or related field preferred.
• At least two years’ of experience analyzing data and utilizing data tools (Excel, PowerBI, SQL, etc.) preferred.
• Appropriate industry certification preferred (CISSP, CISA, HITRUST, etc.).
• Works independently as well as collaboratively with minimal professional and managerial supervision.
• Working knowledge of common industry standard security and audit methodologies.
• Strong research and analytical skills is a must.
• Experience in regulatory standards (HIPAA, HITECH, PCI, SOX, COBIT) required.
• Prefers knowledge of relational databases and structured query language and knowledge of firewalls, vulnerability scans, Windows/Linux/Unix operating systems, networking components (routers, switches, wireless access points) and encryption methods.

Why Summit Healthcare Mgmt? Summit Healthcare Mgmt offers a comprehensive benefit plan and a competitive salary commensurate with experience and qualifications. Qualified candidates should apply by submitting a resume. Summit Healthcare Mgmt is an EOE.
Veterans and military spouses are highly encouraged to apply. Summit BHC is dedicated to serving Veterans with specialized programming at our treatment centers across the country. We recognize and value the unique strengths of the military community in supporting our mission to serve those who have served.

Job Type: Full-time

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Employee assistance program
• Flexible spending account
• Health insurance
• Health savings account
• Paid time off
• Vision insurance

Schedule:

• Monday to Friday

Work Location: In person