Lead Business Systems Analyst - Security Analyst
San Francisco, California
2rbConsulting is seeking an experienced Lead Security Analyst with Risk Assessment experience for a long term contract or contract-to-hire role with a well-known health insurance provider in San Francisco or El Dorado Hills, CA.
This role requires the successful candidate to be eligible to work in the US without sponsorship, and work with 2rbConsulting as a W-2 employee.
In this role you'll work as a Lead within a newly formed Risk Assessment organization. This group focuses on investigations requested by various business units throughout the client organization. The Lead Security Analyst will lead the efforts on assessment for backlogged requests, all well as standardizing and updating outdated policies. You will interface with Business Users of all levels across a broad organization.
The team mission is to ensure compliance with regulatory and industry standards for infrastructure and information system security, including Hardening/Configuration Standards.
Represent security interests to project teams by ensuring security standards and requirements are defined as part of the deliverables.
Participates in the development and documentation of IT Security strategies, policies, and standards.
Collaborates with business and project teams to ensure third party applications and services comply with our policies and principles.
Monitors the external application security threat landscape and recommends proactive actions to reduce risk to the enterprise.
- Identify, document, and monitor key business processes needed to achieve successful business results. Map and document processes while developing frameworks for process improvement security policy.
- 3+ years experience in Security Analysis, specifically with Risk Assessments for 3rd party vendor software. Currently, our client organization is running approximately 1000 applications.
- Wide knowledge of information security policies and standards, plus a passion for advocating their correct usage.
- Exp. with standard GRC tools.
- Exp. with HIPPA, PCI, ISO standards.
- CISSP, and knowledge of one or more of the following: HIPAA, HITECH, PCI-DSS, ISO 2700X and proper application of the Security and Privacy Rules. Preferred knowledge of the HITRUST Common Security Framework and more prescriptive security requirements and controls.
- Exp. identifying, documenting, and monitoring key business processes needed to achieve successful business results. Map and document processes while developing frameworks for process improvement security policy.
- Have excellent communication skills (written and verbal)
- Demonstrate a strong problem-solving ability and analytical skills.
- Documenting and publishing security policies and standards, guidelines and procedures.
If this opportunity sounds like a good match for you, please submit your resume for immediate consideration.
Candidates selected for these contract opportunities will be required to pass a background check and drug screen.
You will also be required to work directly with 2rbConsulting as a W-2 employee, no 1099 or 3rd Party Candidates will be accepted.