Information Security Risk Analyst

AnewHealth is one of the nation’s leading pharmacy care management companies that specializes in caring for people with the most complex, chronic needs—wherever they call home. We enable better outcomes for patients and the healthcare organizations who support them. Established in 2023 through the combination of ExactCare and Tabula Rasa HealthCare, we provide a suite of solutions that includes comprehensive pharmacy services; full-service pharmacy benefit management; and specialized support services for Program of All-Inclusive Care for the Elderly. With over 1,400 team members, we care for more than 100,000 people across all 50 states.

Job Details

The ideal candidate will be responsible for ensuring our IT infrastructure and processes comply with regulatory requirements and internal security policies. They will be the conduit to the infrastructure team to create a meaningful disaster recovery program, conduct thorough security assessments, monitor compliance with IT security standards, gather evidence from audits and vulnerability assessments, help track remediation efforts and work closely with other departments to implement security measures. 

Responsibilities

• Conduct infrastructure risk assessments to maintain disaster recovery and business continuity controls in accordance with HIPAA and HITRUST requirements.

• Assist in conducting comprehensive IT security assessments and audits to ensure compliance with regulatory requirements and internal policies.

• Monitor and analyze security alerts and incidents, and coordinate responses to ensure prompt and effective resolution.

• Develop, implement, and maintain IT security policies, standards, and procedures.

• Assist in the identification, assessment, tracking and mitigation of security risks.

• Stay current with industry trends, threats, and best practices to ensure our IT security measures remain up-to-date and effective.

• Prepare and present detailed reports on IT security compliance status and incidents to senior management.

Requirements

• Minimum 1 year of experience in IT security, compliance, or a related role.

• Basic understanding of regulatory requirements and standards, such as GDPR, HIPAA, PCI-DSS, and ISO 27001.

• Experience with security tools and methodologies.

• Excellent analytical, problem-solving, and communication skills.

• Relevant certifications, such as Security+ or A+ are highly desirable.

• Experience with security information and event management (SIEM) systems

• Knowledge of network security, encryption, and vulnerability management.

• Familiarity with cloud security best practices and solutions.

• Understanding of network security.

• Understanding of incident response, threat detection, and security monitoring.

• Understanding security monitoring, patch management, and maintaining regulatory compliance.

AnewHealth offers a comprehensive benefit package for full-time employees that includes medical/dental/vision, flexible spending, company-paid life insurance and short-term disability as well as voluntary benefits, 401(k), Paid Time Off and paid holidays. Medical, dental and vision coverage are effective 1st of the month following date of hire.

AnewHealth provides equal employment opportunity to all qualified applicants regardless of race, color, religion, national origin, sex, sexual orientation, gender identity, age, disability, genetic information, or veteran status, or other legally protected classification in the state in which a person is seeking employment. Applicants are encouraged to confidentially self-identify when applying. Local applicants are encouraged to apply. We maintain a drug-free work environment. Applicants must be eligible to work in this country.