Sr. IT Risk & Controls Analyst - Contract Negotiations - Remote

At Prime Therapeutics (Prime), we are a different kind of PBM, with a purpose beyond profits and a unique ability to connect care for those we serve. Looking for a purpose-driven career? Come build the future of pharmacy with us.

Job Posting Title

Sr. IT Risk & Controls Analyst - Contract Negotiations - Remote

Job Description

We are presenting a unique opportunity for an experienced IT Risk and Controls Analyst with a background in Contract Negotiations.

As a Sr. IT Risk & Controls Analyst you would be responsible for leading the development and execution of processes and people to ensure IT compliance with regulatory, industry and client security requirements. This role is responsible for working with cross-functional teams and management to set direction and secure resources for the operational processes needed to support the Security Governance Risk and Compliance program.

Responsibilities

• Lead the development, implementation and enforcement of organization wide security standards, policies and procedures including organizational processes and metrics that monitor risk and controls and evaluating operational performance

• Perform vendor security assessments and onsite audits to ensure adherence to contractual obligations, including negotiating appropriate security language in vendor agreements
• Assure the management of IT audit action plan remediation
• Develop and implement sustainment and monitoring processes to assure compliance with security requirements within HITRUST, SOC 1, SOC 2, HIPAA, and client contracts
• Respond to client security assessments and RFPs, ensuring alignment with internal security policies and applicable regulatory requirements, and participate in client contract negotiations
• Monitor and interpret state and federal cyber regulations (e.g. HIPAA, HITRUST, NIST, CMS, etc.), identify gaps, and recommend updates to security controls and frameworks
• Provide leadership to guide Information Security program projects
• Other duties as assigned

Minimum Qualifications

• Bachelor's degree in an analytical discipline such as Computer Science, Finance, or Sciences or related area of study, or equivalent combination of education and/or related work experience; HS diploma or GED is required
• 5 years of experience in Information Security, Information Technology, Risk Management, Audit or Finance
• Must be eligible to work in the United States without the need for work visa or residency sponsorship

Additional Qualifications

• Ability to manage and prioritize numerous time-critical tasks simultaneously and provide direction to professional staff
• Strong analytical and critical thinking skills
• Project and process management skills, including managing to project budgets and timelines
• Knowledge of Governance, Risk and Compliance area topics
• Solid understanding of regulatory requirements and security frameworks (PCI, HIPAA, SOC1, SOC2, HITRUST, NIST, etc.)
• Working knowledge or experience with security practices, principles and controls
• Leadership and mentoring skills

Preferred Qualifications

• Current industry-recognized security certification (CISSP, CISA, CRISC, CISM, etc.)
• Master's degree in an analytical discipline such as Computer Science, Finance, or Sciences or related area of study
• Experience developing and producing security metrics and reporting, communications and policies
• Experience in a highly regulated industry, health care preferred
• Experience conducting security assessments across a range of frameworks including PCI, HITRUST, SOC 1, SOC 2, HIPAA, ISO, NIST, and/or CoBIT.
• Experience responding to client RFPs and contract negotiations in the healthcare or public sector industries

Every employee must understand, comply with and attest to the security responsibilities and security controls unique to their job, and comply with all applicable legal, regulatory, and contractual requirements and internal policies and procedures

Every employee must be able to perform the essential functions of the job and, if requested, reasonable accommodations will be made to enable employees with disabilities to perform the essential functions, absent undue hardship. In addition, Prime retains the right to change or assign other duties to this job.

Potential pay for this position ranges from $94,000.00 - $160,000.00 based on experience and skills.

Prime Therapeutics LLC is proud to be an equal opportunity and affirmative action employer. We encourage diverse candidates to apply, and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sex (including pregnancy), national origin, disability, age, veteran status, or any other legally protected class under federal, state, or local law.  

We welcome people of different backgrounds, experiences, abilities, and perspectives including qualified applicants with arrest and conviction records and any qualified applicants requiring reasonable accommodations in accordance with the law.

Prime Therapeutics LLC is a Tobacco-Free Workplace employer.

Positions will be posted for a minimum of five consecutive workdays.