Sr. IT Security Risk Analyst
Establishes policies and procedures necessary to ensure the security of information system assets and to protect them from intentional or inadvertent access, disclosure, or destruction in accordance with company policies and industry standards such as HIPAA, Sarbanes-Oxley, SAS70, DIACAP, and PCI. Ensures that user community understands and adheres to necessary procedures to maintain security. Must be able to weigh business needs against security concerns and articulate issues and options to management. Performs risk assessments for sensitive internal and external systems and perform threat modeling.
- Develops procedures necessary to ensure the security of information system assets and to protect them from intentional or inadvertent access, disclosure, or destruction.
- Assists project teams in the implementation of security measures to meet corporate security policies and external regulations, e.g., Sarbanes Oxley and DIACAP.
- Assists in the performs risk assessments and security audits of internal and external facilities against established standards.
- Maintains appropriate security documentation for applications and systems.
- Assists in the communication and implementation of components of the ESI security awareness program.
- Performs additional duties as assigned.
- Bachelor’s degree in computer related field
- Five to eight years of relevant working experience; at least 3 years of experience in IT Security
- Certification in information security (CISSP, CISM, or equivalent) preferred
- Familiarity with external regulations, e.g., DIACAP, HIPAA, Sarbanes-Oxley; Strong understanding of information security principles; Familiarity with domain structures, user authentication, and digital signatures; Understanding of data communication networks; Experience with security tools and systems; PC skills including knowledge of Microsoft Office
- Excellent organizational skills and ability to communicate with internal/external entities and executives a must;
- Effective leadership skills, demonstrated ability to coordinate people and teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities;
- Customer service-oriented;
- Ability to work in a flexible environment where requirements and procedures continuously evolve;
- Ability to multi-task and manage time effectively
ABOUT THE DEPARTMENT
Technology - Information Security
Do you enjoy the challenge of defending an enterprise from security breaches? Come put your skills to work at an organization trusted to protect client, patient and company data amid the ever-changing landscape of information security threats and risks. Our cyber defenders are challenged and trusted with maintaining our secure infrastructure day in and day out, while delivering an enterprise computing environment that is resilient to breaches and disruptions. If you’re as passionate about data security as we are and want to be at the center of our noble mission to make healthcare safer and more affordable, explore our opportunities.
Advance your career with the company that makes it easier for people to choose better health. Express Scripts is a leading healthcare company serving tens of millions of consumers. We are looking for individuals who are passionate, creative and committed to creating systems and service solutions that promote better health outcomes. Join the company that Fortune magazine ranked as one of the 'Most Admired Companies' in the pharmacy category. Then, use your intelligence, creativity, integrity and hard work to help us enhance our products and services. We offer a highly competitive base salary and a comprehensive benefits program, including medical, prescription drug, dental, vision, 401(k) with company match, life insurance, paid time off, tuition assistance and an employee stock purchase plan.
Express Scripts is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. Applicants must be able to pass a drug test and background investigation. Express Scripts is a VEVRAA Federal Contractor.
Company Type: Public Company
Company Size: 5,001-10,000