Loading...

IT Security, Professional, Security Analyst

IT Security, Professional, Security Analyst

Headquarters Office, 625 State Street, Schenectady, New York, United States of America Req #1304

Wednesday, October 26, 2022

Over 35 years strong and fueled by 1,700 smart, passionate employees across New York state and Vermont, MVP is full of opportunities to grow. We are a nationally recognized, award-winning leader for a reason. The beating heart of our company is a wide range of employees from a diverse set of backgrounds-tech people, numbers people, even people people-working together to make health insurance better. If you are ready to join a thriving, mission-driven company where you can create your own opportunities and make a positive difference-its time to make a healthy career move to MVP!

There are some positions at MVP where your work may require an onsite or community component. When working in an MVP office and/or in the community on behalf of MVP, you must be fully vaccinated against COVID-19, and have received the first booster dose within one month of eligibility.

Full-Time, Exempt

This position will be responsible for ensuring MVPs security policies and procedures are maintained and comply with all internal and external regulations and requirements. The Security Analyst is responsible for knowing all applicable health and governmental regulations, how and where these regulations relate to MVP, as well as the impact of the security requirements on business-critical systems. The Security Analyst will work with the Security Team, under the leadership of the CISO, on IT security oversight and compliance and provide hands-on assistance as appropriate to ensure success. In addition, the Security Analyst is directly involved in supporting various audit activities and serves as the liaison between the auditors, the various business units and MVP leadership.

Responsibilities include:

  • Develop, implement, and communicate IT and Corporate security policy, standards, best practices, guidance, and procedures
  • Work with Business on the creation of Process and Procedure documentation. Provide compliance oversight through regular audits of business units.
  • Providing advice on addressing IT information security issues
  • Assist with the development of policy awareness efforts and materials for distribution to the user community.
  • Draft, review, and comment as needed on translating federal requirements into Department policies and requirements, including, but not limited to: NIST publications, DFS guidance and requirements, CMS and HIPAA.
  • Implement HIPAA and HITRUST assessments and implement CSF framework controls to ensure compliance.
  • Ensure security vulnerability and risk assessments are conducted as appropriate on any system upgrades, software/hardware changes, etc. Provide oversight and communication as necessary.
  • Provide third party oversight including review of contracts, Business Associate Agreements, Information Security Questionnaires, and other artifacts such SOC2 and HITRUST reports.
  • Work with Risk Management team to ensure Business Continuance plans are up to date. Assist with regular table-top exercise.
  • Oversight of Disaster Recovery Process. Assist with Annual DR testing and DR report to executive leadership.
  • Support annual recertification of accounts – ensure new accounts have appropriate access and any inactive accounts are deactivated. Provide hands-on assistance to Business Units as necessary.
  • Create Cybersecurity dashboard and presentations for Board Risk and Compliance Committee.
  • Manage and maintain IT security Risk Register. Coordinate with Enterprise Risk Team to ensure all risks are tracked and actively worked on for remediation. Work with business to identify and manage risks associated with policy violations and exceptions.

Position Qualifications

Minimum Education:
Bachelors Degree, or an equivalent combination of formal education and experience.


Minimum Experience:
Candidates should be well-versed in risk management, knowledge regarding SDLC, and perform in security tasks throughout.
Working understanding of HIPAA compliance, requirements of all phases of Certification and Accreditation (C&A) and creating documentation in accordance with NIST guidance.
Candidate should have strong analytical and organizational skills.
Candidate should have concise writing skills, excellent MS Word skills as well as other MS Office Applications.
Personnel shall be well versed with NIST publications and other Health related publications and their requirements and impact on system security.

About MVP
MVP Health Care is a nationally recognized, not-for-profit health insurer caring for more than 700,000 members in New York and Vermont. Committed to the complete well-being of our members and the communities we serve, MVP makes health insurance more convenient, more supportive, and more personal. We are powered by the ideas and energy of more than 1,700 diverse, employees from all backgrounds, committed to having a positive impact on the health and wellness of everyone we serve. MVP Health Care is an Affirmative Action/ Equal Employment Opportunity (PDF). We recruit, employ, train, compensate, and promote without regard to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, disability, genetic information, veteran status, or any other basis, e.g., Pay Transparency (PDF), and the EEO is the Law Poster and Supplement protected by applicable federal, state or local law. Any person with a disability needing special accommodations to the application process, please contact Human Resources at hr@mvphealthcare.com

Please apply and learn more – including how you may become a proud member of our team.

Other details

  • Job Family Information Technology & Transformation Services
  • Pay Type Salary

Apply Now

initStaticMap(true); {“@context”:”https://schema.org/”,”@type”:”JobPosting”,”title”:”IT Security, Professional, Security Analyst”,”datePosted”:”2022-10-26T00:00:00″,”validThrough”:null,”description”:”Full-Time, ExemptThis position will be responsible for ensuring MVPs security policies and procedures are maintained and comply with all internal and external regulations and requirements. The Security Analyst is responsible for knowing all applicable health and governmental regulations, how and where these regulations relate to MVP, as well as the impact of the security requirements on business-critical systems. The Security Analyst will work with the Security Team, under the leadership of the CISO, on IT security oversight and compliance and provide hands-on assistance as appropriate to ensure success. In addition, the Security Analyst is directly involved in
supporting various audit activities and serves as the liaison between the
auditors, the various business units and MVP leadership.
Responsibilities include:Develop,
implement, and communicate IT and Corporate security policy, standards,
best practices, guidance, and proceduresWork with Business on the
creation of Process and Procedure documentation. Provide compliance
oversight through regular audits of business units.Providing advice on addressing
IT information security issues Assist with the development of
policy awareness efforts and materials for distribution to the user
community. Draft, review, and comment as
needed on translating federal requirements into Department policies and
requirements, including, but not limited to: NIST publications, DFS
guidance and requirements, CMS and HIPAA.Implement HIPAA and HITRUST
assessments and implement CSF framework controls to ensure compliance.Ensure security vulnerability
and risk assessments are conducted as appropriate on any system upgrades,
software/hardware changes, etc. Provide oversight and communication as
necessary.Provide third party oversight
including review of contracts, Business Associate Agreements, Information
Security Questionnaires, and other artifacts such SOC2 and HITRUST
reports.Work with Risk Management team
to ensure Business Continuance plans are up to date. Assist with regular
table-top exercise.Oversight of Disaster Recovery
Process. Assist with Annual DR testing and DR report to executive
leadership.Support annual recertification
of accounts – ensure new accounts have appropriate access and any inactive
accounts are deactivated. Provide hands-on assistance to Business Units as
necessary.Create Cybersecurity dashboard
and presentations for Board Risk and Compliance Committee.Manage
and maintain IT security Risk Register. Coordinate with Enterprise Risk
Team to ensure all risks are tracked and actively worked on for
remediation. Work with business to identify and manage risks associated
with policy violations and exceptions.Position QualificationsMinimum Education:Bachelors Degree, or an equivalent combination of formal education and experience.Minimum Experience:Candidates should be well-versed in risk management, knowledge regarding SDLC, and perform in security tasks throughout.Working understanding of HIPAA compliance, requirements of all phases of Certification and Accreditation (C&A) and creating documentation in accordance with NIST guidance.Candidate should have strong analytical and organizational skills.Candidate should have concise writing skills, excellent MS Word skills as well as other MS Office Applications.Personnel shall be well versed with NIST publications and other Health related publications and their requirements and impact on system security.”,”employmentType”:”FULL_TIME”,”hiringOrganization”:{“@type”:”Organization”,”name”:”MVP Health Care”,”logo”:”https://us63.dayforcehcm.com/CandidatePortal/en-US/mvphealthcare/Go?item=d49ce0ce-e622-4e29-ad2b-621b5daca722″},”jobLocation”:[{“@type”:”Place”,”address”:{“@type”:”PostalAddress”,”streetAddress”:”625 State Street”,”addressLocality”:”Schenectady”,”addressRegion”:”New York”,”postalCode”:”12305″,”addressCountry”:”USA”}}],”jobLocationType”:null,”baseSalary”:{“@type”:”MonetaryAmount”,”value”:{“@type”:”QuantitativeValue”,”value”:null,”minValue”:null,”maxValue”:null,”unitText”:”YEAR”}}}

  • Headquarters Office, 625 State Street, Schenectady, New York, United States of America

Related Jobs

Other similar jobs that might interest you