Senior Analyst, Information Security Governance, Risk, & Compliance

Grow Healthy If you are as passionate about helping those in need as you are about growing your career, consider AltaMed. At AltaMed, your passion for helping others isn’t just welcomed – it’s nurtured, celebrated, and promoted, allowing you to grow while making a meaningful difference. We don’t just serve our communities; we are an integral part of them. By raising the expectations of what a community clinic can deliver, we demonstrate our belief that quality care is for everyone. Our commitment to providing exceptional care, despite any challenges, goes beyond just a job; it’s a calling that drives us forward every day. Job Overview The Senior Analyst, Information Security Governance, Risk, & Compliance will be responsible for the corporate-wide Information Security GRC program. This person will work closely with Information Services, Office of Compliance and Risk Management (OCRM), Legal, HR, and Procurement to ensure reasonable and appropriate IT controls are in place to minimize risk and ensure compliance with AltaMed’s Information Security Policy and Standards, the HIPAA Security Rule, Data Privacy regulations and the Payment Card Industry – Data Security Standards (PCI-DSS). This person will assist with the development, implementation, and maintenance of AltaMed’s Information Security Policies, standards, and guidelines, and be an SME for HIPAA, PCI, and Privacy. Additionally, this person will also be responsible for leading vulnerability management efforts, and vendor and risk management programs, including leading the risk-based change management program, liaising with internal/external auditors to ensure audits lead to a successful outcome, and being responsible for the Security Exception/Risk Acceptance process. The position will also manage, maintain, and administer the company’s IT Risk Register and Information Security Awareness Training program. Minimum Requirements A bachelor’s degree in business, information systems management, or a related field is required. A minimum of 5 years of experience in IT audit or IT risk management is required. Experience in leading security assessments, IT vendor risk assessments, and InfoSec control management. Working knowledge of HIPAA, Privacy, and PCI data requirements, and other state / federal regulatory requirements of sensitive information. Experience with application security, SaaS, and/or cloud security is a plus. Must hold an active Certified Information Systems Security Professional (CISSP) certification. Compensation $121,780.05 - $152,225.07 annually Compensation Disclaimer Actual salary offers are considered by various factors, including budget, experience, skills, education, licensure and certifications, and other business considerations. The range is subject to change. AltaMed is committed to ensuring a fair and competitive compensation package that reflects the candidate's value and the role's strategic importance within the organization. This role may also qualify for discretionary bonuses or incentives. Benefits & Career Development Medical, Dental and Vision insurance 403(b) Retirement savings plans with employer matching contributions Flexible Spending Accounts Commuter Flexible Spending Career Advancement & Development opportunities Paid Time Off & Holidays Paid CME Days Malpractice insurance and tail coverage Tuition Reimbursement Program Corporate Employee Discounts Employee Referral Bonus Program Pet Care Insurance Job Advertisement & Application Compliance Statement AltaMed Health Services Corp. will consider qualified applicants with criminal history pursuant to the California Fair Chance Act and City of Los Angeles Fair Chance Ordinance for Employers. You do not need to disclose your criminal history or participate in a background check until a conditional job offer is made to you. After making a conditional offer and running a background check, if AltaMed Health Service Corp. is concerned about a conviction directly related to the job, you will be given a chance to explain the circumstances surrounding the conviction, provide mitigating evidence, or challenge the accuracy of the background report. As the nation’s largest Federally Qualified Health Center (FQHC), AltaMed is at the forefront of providing affordable, high-quality health care to underserved communities in Los Angeles and Orange Counties. At AltaMed, you will have the opportunity to work with a diverse team of dedicated professionals who are passionate about making a difference and supporting our community of over 400,000 patients. Learn About AltaMed: Click Here AltaMed Health Services Corporation is committed to providing equal employment opportunities for all qualified individuals. We strictly prohibit discrimination in employment based on race, color, creed, religion, marital status, sexual orientation, registered domestic partner status, sex, gender, gender identity or expression, ancestry, national origin, age, medical condition, physical or mental disability, mi Apply tot his job Apply To this Job