INFORMATION SECURITY ANALYST – CUSTOMER SECURITY ASSURANCE 

Medicom Technologies, Inc. - Phoenix

COMPANY OVERVIEW

Medicom is a high-growth healthcare technology company that is dedicated to creating innovative solutions for patients, health systems, and life sciences companies. Medicom's core technology is a health information network that connects disparate PACS, EMRs, EHRs, and RIS' so that information can be easily located, accessed, and shared across various healthcare enterprises.

Medicom is looking for people who share a high level of passion, drive, and commitment to Medicom’s stakeholders. We are growing our teams of talented individuals, and we are eager to take on new challenges. Every member of our organization embodies our core values so every network participant from patient to physician has the opportunity to build a trusting relationship with our organization.

Please read more about our company at www.home.medicom.us.

JOB SUMMARY

Medicom Technologies is seeking a forward-thinking, experienced analyst to join our GRC team. This person should enjoy working in a fast-paced environment where adaptability and flexibility will be key to their success. The successful candidate should have deep knowledge and experience in the following core areas: information security, risk management, cybersecurity governance, risk and compliance, and process development.

• Assess customer security requirements and Medicom’s ability to meet those requirements. 

• Research and preparation of custom answers to client questions, the preparation of standard security "artifacts" to demonstrate security of information, the response to customer audit. demands and the response to unsolicited external scanning.

• Communicate with other business units to determine the applicability and scope of questionnaires.

• Engage in customer discussions regarding risk and compliance alongside the sales team. 

• Develops written reports with technical security analyses, summaries, and recommendations for action.

• Provides subject matter expert analysis, evaluation, and recommendations based on national security standards (NIST), industry best practices (ISO), and implementation specifications of the HIPAA Security Rule.

Requirements:

• 5 + years’ experience in an information security, security analyst or related role.

• Strong knowledge of and experience in security risk management and with frameworks including related regulatory compliance requirements (e.g., SOC 1/2, HITRUST, FedRAMP, HIPAA, GDPR).

• Ability to communicate risk effectively to stakeholders within the organization.

• Proven ability to manage risk and projects in a face-paced environment.

• BS in Information Technology, Management, Business Administration, or extensive related area work experience.