Signify Health
Signify Health

Third Party Security Risk Analyst

How will this role have an impact?

The Third Party Security Risk Analyst is responsible for performing security risk assessments on Signify Health’s third party vendors and partners.  In this role, you will be partnering with internal and external stakeholders to perform the risk assessment activities, providing findings and recommendations as needed.


As a Third Party Security Risk Analyst, you will also be responsible for assessing the Signify Health organization through the lens of an external assessor, to help the organization benchmark against the industry.

Diversity and Inclusion are core values at Signify Health, and fostering a workplace culture reflective of that is critical to our continued success as an organization.

What will you do?

  • Meet with business sponsors to understand third party use cases, specifically data types and flows
  • Perform assessment on third party services by reviewing solution documentation, analyzing threat intelligence data, and using third party risk tools
  • Document risks, provide recommendations (as needed), and review findings with business sponsors and associated third party stakeholders
  • Develop assessment reports for business stakeholders and assessment archives
  • Work with the Security Risk Management team to intake risks and develop action plans for third parties where applicable
  • Serve as a liaison for the security team

 

We are looking for someone with:

  • Bachelor’s degree in Computer Science, cybersecurity or related field
  • An equivalent combination of experience and training may be considered instead of a college degree
  • 3 or more years of related experience is required 
  • Familiarity with cloud services and infrastructure
  • Familiarity with web application security practices and configurations
  • Familiarity with regulatory requirements, such as CCPA, GDPR, and HIPAA
  • Familiarity with cybersecurity frameworks, such as HITRUST and NIST
  • Ability to effectively communicate business risk as it relates to information security
  • Experience in conducting risk assessments that protect the business and adhere with compliance and privacy laws


Other Attributes and Certifications we look for:

  • Possesses highly effective communications skills with the ability to influence business units
  • Acts with integrity, takes pride in work and seeks to excel, be curious and adaptable
  • Demonstrates effective decision-making skills
  • Is highly trustworthy and leads by example
  • Stays current with evolving threat landscape
  • Security +, MTA Security Fundamentals, or related preferred.
  • CISSP, CISM, CISA, or related preferred.



About Us: 

Signify Health is helping build the healthcare system we all want to experience by transforming the home into the healthcare hub. We coordinate care holistically across individuals’ clinical, social, and behavioral needs so they can enjoy more healthy days at home. By building strong connections to primary care providers and community resources, we’re able to close critical care and social gaps, as well as manage risk for individuals who need help the most. This leads to better outcomes and a better experience for everyone involved.  

Our high-performance networks are powered by more than 9,000 mobile doctors and nurses covering every county in the U.S., 3,500 healthcare providers and facilities in value-based arrangements, and hundreds of community-based organizations. Signify’s intelligent technology and decision-support services enable these resources to radically simplify care coordination for more than 1.5 million individuals each year while helping payers and providers more effectively implement value-based care programs. 

We are committed to equal employment opportunities for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.

To learn more about how we’re driving outcomes and making healthcare work better, please visit us at www.signifyhealth.com.

This job is no longer available