SECURITY ANALYST

Overview

TheRisk & Compliance team is essential to the success of BrightSpring s InformationSecurity Program.

We reall about risk and strategy: We start with a risk based approach to understandwhat to take action on and why; Build organizational alignment and communicatethe standardized approach to address risk; Mobilize risk remediation byidentifying, coordinating and applying the resources (people, process, andtechnology) needed for action; Then we formalize the new and enhanced controlsto help us understand the effect of change on risk so that we can continue toiterate and improve.

Responsibilities:

Proactively monitors thethreat landscape and current controls to evaluate the effectiveness of thesecurity tools and works with internal and external stakeholders to implementappropriate safeguards and controls.

Develop and implement security controls to reduce the likelihoodand impact of security incidents.

Assists in performing riskassessments of internal and external applications/solutions to determine theiradherence to security controls, BSH s policies, standards and industry bestpractices, and maintains ongoing safeguards andaccess controls.

Performs audits onprocesses to ensure compliance with security policies, procedures and bestpractices.

Assists in updates toenterprise information security policies, technical standards, guidelines, andprocedures necessary to support information security in compliance withestablished company policies, regulatory requirements, and generally acceptedinformation security controls.

Makes recommendations onIT security administration issues, coordinating with users to determinerequirements, and ensuring system improvements are successfully implemented andmonitored, finding ways to increase efficiency.

Assesses current andplanned applications and systems, identifying security protection issues andproactively identifying and modifying controls to protect against sophisticatedcyber- attacks.

• Collaborates across the organization and with external parties to remediate security gaps.
• Communicates security risks and solutions to business partners and IT staff as needed.
• Stay up-to-date on the latest security threats and trends.
• Formulate security configuration and operational standards for IT systems/applications.
• Design and develop internal controls to mitigate security risks and related opportunities for internal controls improvement.
• Work with other IT staff to ensure the security of the organization's systems and data.
• Provide assistance in security incidents resolution.

Qualifications:

• 3 years of experience in security risk analysis or a related field
• Strong understanding of security principles and best practices
• Experience with security tools and systems
• Excellent analytical and problem-solving skills
• Excellent written and verbal communication skills
• Ability to work independently and as part of a team

Preferred

• Experience in IT security in a healthcareenvironment.