This position will work closely with the Enterprise Risk and Information Security Officer to provide timely and quality service to ensure compliance with Neighborhood's information security and risk policies and procedures. This position will be responsible for maintaining continuous monitoring of activities in support of the HITRUST control framework. The Information Security Senior Analyst is a member of an oversight function and supports information security, risk, and compliance governance across the enterprise. This role will assist in establishing information security requirements through the evaluation and understanding of business strategies and processes, developing applicable information security standards, and executing control assessments to provide recommendations and develop requirements to remediate identified control gaps.

Duties and Responsibilities

Responsibilities include, but are not limited to, the following:
- Responsible for the continuous monitoring program to assert the control environment is operating effectively.
- Develop Security Control Monitoring Test Plans and Schedule.
- Establish ownership of the controls, schedule regular assessments, and testing.
- Report control failures and gaps to stakeholders, provide recommendations and assist in developing solutions, and prepare management reports to track remediation activities.
- Development and implementation of security policies, procedures and requirements, as well as collaboration with control owners to help implement and track enforcement of output.
- Performs technology risk and controls assessments such as account control assessments for systems, applications, infrastructure, and operational processes.
- Tracks corrective action plans for identified information security issues.
- Maintains inventory of exceptions to Information Security policy, standard, control, and configuration requirements.
- Manages priorities, performs tasks in an orderly fashion, and meets time deadlines.
- Demonstrates agility and is flexible with changing priorities.
- Development of Key IT Metrics (KPIs and KRIs) and preparation of reports for the Enterprise Risk and Information Security Officer and Senior Leadership, reporting on Information Security program achievements, successes, challenges and opportunities for improvement.
- Performs other duties as required.
- Corporate Compliance Responsibility - As an essential function, responsible for complying with Neighborhood's Corporate Compliance Program, Standards of Business Conduct, applicable contracts, laws, rules and regulations, policies and procedures as they apply to individual job duties, the department, and the Company. This position must exercise due diligence to prevent, detect and report unlawful and/or unethical conduct by fellow co-workers, professional affiliates and/or agents.

Qualifications

Required:
- Bachelor's degree in computer science, information systems, or related field or sufficient education and relevant work experience to equate to a degree.
- Minimum of five (5) years' experience in an information security or IT related professional role.
- Knowledge of security issues, techniques, and implications across computing platforms.
- Experience implementing and reporting on continuous monitoring of information security, risk and privacy controls
- Sound knowledge of NIST Cyber Security Framework, Risk Management Framework, and Cloud Security Alliance - Cloud Security Controls matrix.
- Experience in Information Security best practices
- Strong written and verbal communication skills, professional attitude, and excellent references.
Preferred:
- Experience in Information Security for insurance or healthcare/health plan industries
- Information Security certification (CISSP, CISM, CISA, or Security+)
- Experience with Governance/Risk/Compliance (GRC) tools
- Experience in developing, communicating, and executing new programs
- An aptitude for data collection and analysis, statistics, visual presentation methods and process mapping and modeling.
- Experience reporting/presenting to senior management, the Board, and/or Committees of the Board on the status of information security.