Sodexo is currently seeking a dynamic Information Security Risk Analyst focused on our Healthcare Segment. This is an exciting opportunity to join our growing information security team with one of the world's largest employers.
This is a remote position; candidates may reside anywhere within the U.S.
Key responsibilities include the following:
- Review risk assessment documentation (questionnaires, penetration tests, architecture, SOC2 etc.) of SaaS vendors across the Sodexo Healthcare Services portfolio to determine risk level, provide recommendations for risk mitigation, and follow up on progress.
- Regularly review IT security roadmap, SDLC and compliance documentation of internal and SaaS-based Healthcare IT solutions, ensuring documentation is current and validated.
- Conduct regular IT security risk and vulnerability assessments of Healthcare IT solutions and vendors under the direction of the VP of IT & Cyber Security and Sodexo Healthcare Leadership.
- Provide regular performance metrics and reporting of the security posture of Healthcare IT solutions and vendors when requested by clients and team members.
- Create and maintain detailed documentation of the security controls within Healthcare IT solutions and map the controls to industry regulations and standards: ISO 27001, NIST, HIPAA / HITECH, etc. as appropriate.
- Assist Healthcare team members with completing IT security components of RFP and vendor risk due diligence inquiries from clients.
- Assist with incident management as needed.
- Other duties as needed.
The successful candidate will possess the following:
- Associate's Degree or equivalent experience
- 2 years of experience in Information Security
- Mid-level background in information security technologies, architecture, and best practices (Examples include OWASP, CISSP domains)
- Strong documentation skills.
- Educational background in information security audit, or interest and willingness to learn. High-level familiarity with risk management standards, such as ISO 27001/003, NIST, etc.
- Basic project management skills a plus.
- Familiarity with Healthcare IT challenges and solutions a plus
- Strong communication skills
At Sodexo, we believe every employee should have the resources to be their best. As part of our overall rewards, we offer benefits programs designed to help you maintain a healthy lifestyle including health, dental and vision insurance. We also offer other benefits like paid time off, financial and savings programs, 401k, and access to our employee assistance program and other discounts.
Not the job for you?
At Sodexo, we offer positions that support a variety of career goals working in diverse business segments, including Corporate Headquarters, Corporate, Schools, Universities, Government and Agencies, Healthcare, Senior Living and Sports and Leisure locations across the United States. Continue your search today.
Working for Sodexo:
How far will your ambition, talent and dedication take you? Sodexo fosters a culture committed to the growth of individuals through continuous learning, mentoring and career growth opportunities.
Compensation range $50,000-$70,000 depending on experience & geography
Position Summary
Under limited supervision, performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction. Interfaces with user community to understand their security needs and implements procedures to accommodate them. Ensures that user community understands and adheres to necessary procedures to maintain security. Conducts accurate evaluation of the level of security required. Provides management with status reports.
Qualifications & Requirements
Basic Education Requirement - Associate's Degree or equivalent experience
Basic Functional Experience - 2 years of experience in information security
Sodexo is an EEO/AA/Minority/Female/Disability/Veteran employer.