Security Policy Analyst

This role will provide support for maturing and optimizing information security governance, risk management, and compliance capabilities across Zelis’ expanding global footprint.

• Establish and maintain security standards and procedures in accordance with HITRUST, PCI, SOC, and NIST requirements.
• Understand new security compliance requirements and assist in the evaluation of compliance control requirements
• Maintain, develop, and improve metrics for the Information Security program
• Assist with Information Security Governance
• Write detailed findings with actionable remediation plans, and obtain supporting documentation
• Support the implementation of policy and standards to further mature Zelis’ information security governance, risk and compliance program leveraging knowledge and experience working with industry security standards, such as HITRUST, PCI DSS, SOC1, SOC2 and the NIST Supplemental Policies
• Support day-to-day execution of security procedures in areas related to perimeter and endpoint security, cloud security posture management, vulnerability management, security observability, and security operations
• Continuously develop knowledge around new technologies in the industry and technologies adopted within Zelis to analyze risks and impact to the business
• Support efforts to develop or continuously improve security controls, processes and procedures across Zelis, as necessary
• Accurately assess risk

Requirements:

• 5+ years of demonstrable experience with IT Security, including IAM, network, data, endpoint, and cloud.
• 5+ years of demonstrable experience in security risk governance, auditing and compliance, with a focus on supporting security policies and procedures

• Good interpersonal communication skills with experience and enthusiasm for collaborating with internal and external partners and stakeholders to develop productive relationships and achieve positive security risk management outcomes
• Ability and willingness to produce and maintain documentation and reports, specifically assisting in developing policies, standards, risk assessment reports, and other forms of Security Risk Management Program documentation
• Ability to learn quickly with a willingness to take ownership for new projects and learning new technologies and methodologies
• Full understanding of industry standards for compliance such as HITRUST, PCI DSS, SSAE 18 SOC 1 / SOC 2 and NIST SPs is desirable
• Experience with risk assessment methodologies and best practices
• Excellent presentation and written communications skills and a team-focused attitude
• Ability to keep up with an agile fast paced technology-based work environment
• Possess an information security or IT audit certification, such as CISSP, CISA, CISM CRISC, or their equivalent

As a leading payments company in healthcare, we guide, price, explain, and pay for care on behalf of insurers and their members. We’re Zelis in our pursuit to align the interests of payers, providers, and consumers to deliver a better financial experience and more affordable, transparent care for all. We partner with more than 700 payers, including the top-5 national health plans, BCBS insurers, regional health plans, TPAs and self-insured employers, over 4 million providers, and 100 million members, enabling the healthcare industry to pay for care, with care. Zelis brings adaptive technology, a deeply ingrained service culture, and a comprehensive navigation through adjudication and payment platform to manage the complete payment process.

Commitment to Diversity, Equity, Inclusion, and Belonging 
At Zelis, we champion diversity, equity, inclusion, and belonging in all aspects of our operations. We embrace the power of diversity and create an environment where people can bring their authentic and best selves to work. We know that a sense of belonging is key not only to your success at Zelis, but also to your ability to bring your best each day.

Equal Employment Opportunity  
Zelis is proud to be an equal opportunity employer. All applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. 

We encourage members of traditionally underrepresented communities to apply, even if you do not believe you 100% fit the qualifications of the position, including women, LGBTQIA people, people of color, and people with disabilities.  

Accessibility Support 

We are dedicated to ensuring our application process is accessible to all candidates. If you are a qualified individual with a disability or a disabled veteran and require a reasonable accommodation with any part of the application and/or interview process, please email TalentAcquisition@zelis.com   

SCAM ALERT: There is an active nationwide employment scam which is now using Zelis to garner personal information or financial scams. This site is secure, and any applications made here are with our legitimate partner. If you’re contacted by a Zelis Recruiter, please ensure whomever is contacting you truly represents Zelis Healthcare. We will never asked for the exchange of any money or credit card details during the recruitment process. Please be aware of any suspicious email activity from people who could be pretending to be recruiters or senior professionals at Zelis.