Job Closed
This listing is no longer active.
Simplifying the healthcare experience for clients and members.
Senior Security Analyst
Location
United States
Posted
117 days ago
Salary
$120K - $145K / year
Seniority
Senior
Job Description
Senior Security Analyst
Rightway
• Coordinate and execute recurring GRC tasks such as quarterly access reviews, audit evidence collection, and risk register reconciliation. • Document and track completion of control activities and escalate issues where needed. • Assist with internal and external audits, ensuring timely and complete evidence collection and review. • Collaborate with Sales, Legal, and Product teams to lead responses for customer security questionnaires and RFPs, progressively owning more complex requests as your experience deepens. • Maintain and continuously improve a centralized repository of commonly requested security documentation and artifacts (e.g., SOC 2, SIG, CAIQ). • Work closely with a broad array of business leaders to conduct initial and periodic vendor risk assessments, ensuring that third parties meet Rightway's security and compliance standards. • Track and follow up on remediation plans and risk treatment for vendors posing unacceptable risk. • Enable and support automation and optimization of the vendor risk assessment lifecycle using both AI and traditional tooling. • Support the implementation and operationalization of AI risk and governance controls in alignment with ISO/IEC 42001 (AI Management System) and emerging regulatory guidance e.g., CAIA (Colorado AI Act). • Monitor AI systems for compliance with ethical and legal standards.
Job Requirements
- 3-5 years of experience in information security, GRC, or related disciplines.
- Familiarity with security compliance frameworks and regulations (e.g., SOC 2, ISO 27001, NIST, HIPAA).
- Experience responding to security questionnaires and customer due diligence requests.
- Experience performing vendor security reviews and risk assessments.
- Strong organizational skills and the ability to manage multiple tasks and deadlines simultaneously.
- Passionate advocate for governance, risk, and compliance, believing that these are not merely check box activities, but vital tools that significantly improve security posture and protect the organization.
- Interest in emerging technologies and willingness to develop subject matter expertise in AI risk and compliance.
Benefits
- Health insurance
- Professional development opportunities
Related Guides
Related Categories
Related Job Pages
More Security Analyst Jobs
Cybersecurity Analyst I
SouthState BankThe SouthState story is one of steady growth, deep community roots, and an unwavering commitment to helping our customers move forward. Since our beginnings in the 1930s to becoming a trusted financial partner across the South and beyond - we are known for combining personal relationships with forward-thinking solutions. We are committed to helping our team members find their success while maintaining the integrity of our values: building trust, fostering lasting relationships and pursuing excellence. At SouthState, individual contributions are recognized, potential is cultivated and team members are inspired to achieve their greater purpose. Your future begins here!
• The Cybersecurity Analyst is responsible for the collection, analysis, validation, monitoring, and response to cybersecurity intelligence and events. • Perform day-to-day operational tasks by analyzing and responding to security events that have been logged and correlated by the SIEM or other security platform. • Monitor all in-place security solutions for efficient and appropriate operations. • Participate in investigation and resolution of anomalous activity. • Serve as a first responder and assist with initial investigations for potential security events. • Analyze configuration and vulnerability information to determine risk to the Bank’s data security. • Provide feedback on tuning of rules and alerts. Recommend tuning of rules that generate alerts to ensure low false positive rates.
• Perform analysis and management of information security risks, identifying vulnerabilities, assessing impacts, and proposing mitigation plans • Validate, review, and govern firewall rules, ensuring adherence to security policies, best practices, and compliance requirements • Work with the Security Operations Center (SOC) to define, validate, and continuously improve monitoring rules, event correlation, and security alerts • Evaluate and validate security incidents, supporting investigations, root cause analysis, and prevention recommendations • Ensure security processes and controls are aligned with ITSM frameworks, information security best practices, and service management • Prepare and maintain technical documentation, risk reports, incident reports, and security metrics • Collaborate with infrastructure, network, application, and governance teams to ensure the effectiveness of security controls • Support internal and external audits, ensuring compliance with security policies, standards, and certifications • Participate in the continuous improvement of cybersecurity processes, contributing to the maturity of the organization’s security posture
Senior Workday HRIS/Security Analyst
Advocate Aurora HealthWe help people live well. We’re proud to be part of Advocate Health.
• Responsible for Workday Security for all HR modules • Participate in various HR projects to provide technical HR system support • Ensures security, end-user access, and data integrity across all HR platforms • Maintain Workday ticketing system • Help ensure data accuracy by validating security settings • Conduct regular audits of user access and security configurations
Security Analyst, Penetration Testing
Rapid7At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what’s possible and drive extraordinary impact. We’re building a dynamic and collaborative workplace where new ideas are welcome. Protecting 11,000+ customers against bad actors and threats means we’re continuing to push the envelope - just like we’ve been doing for the past 20 years. If you’re ready to solve some of the toughest challenges in cybersecurity, we’re ready to help you take command of your career. Join us.
• Perform technical testing against a variety of targets, including network penetration testing (internal, external, and wireless), web application and API testing, and social engineering (on-premise and electronic) • Consistently produce high-quality reports and peer-review colleagues' work for errors and inaccuracies • Help develop and create Executive Briefings • Deliver timely reports to clients and external stakeholders • Translate technical concepts and convey them to non-security personnel • Be capable of learning in a fast-paced environment and taking on solo engagements • Participate in industry conferences and professional organizations
