Associate Cybersecurity Risk Analyst

The Associate Cybersecurity Risk Analyst is a member of FinThrive’s Information Security team. The Information Security team is responsible for strategy, execution, and governance of information security at FinThrive. In the Associate Cybersecurity Risk Analyst role, you will be supporting the Information Security team’s objectives of conducting third party security risk assessments, conducting enterprise-wide security risk assessments, ensuring compliance with regulatory and contractual security requirements, and leading special projects that build our security program.

What you will do

• Third Party Risk Management:
• Partner in operationalizing third party security risk management to all areas of the business, by identifying, assessing, and communicating risk introduced by third parties, and recommending remediation and/or mitigation strategies
• Assist with updates and development of Third-Party related policies, procedures, training, and communication of the program across the enterprise.
• Enterprise Security Risk Management:
• Manage our risk register and perform enterprise level security risk analysis, including identifying risks, impact, and developing corrective action plans to address risks
• Lead cross functional security initiatives and special projects
• Develop metrics and provide leadership with status reporting on operational initiatives and KRIs
• Create presentation materials and lead discussion for key stakeholder meetings
• Supports FinThrive’s Audit and Compliance Program by understanding and facilitating adherence to HITRUST, HIPAA, SOC, and other requirements from an information security perspective
• Represent and advocate for continually improving FinThrive’s security posture
• Assist in the development and implementation of security policies and procedures
• Maintain expertise in industry trends, cybersecurity frameworks, and best practices

What you will bring

• Up to 3 years of experience in information security or risk management
• 1 year of 3 rd party risk Management
• A strong understanding of risk management frameworks and methodologies (threats, risks, controls)
• Eagerness to learn and implement new technologies and processes (GRC platforms, AI and automation tools, etc.)
• Critical thinking, ability to analyze problems and propose solutions
• Detail-oriented with strong organization, prioritization, and time management skills
• Ability to lead presentations and communicate technical concepts to a variety of stakeholders
• Ability to lead security initiatives and grow security programs
• Familiarity with SaaS architecture, web applications, Microsoft Office products, and cloud environments

What we would like to see

• Bachelor's degree in Computer Science, Information Technology, or related field
• Experience working with Azure and GRC tools
• An industry certification such as CompTIA Security+ or equivalent

About FinThrive

FinThrive is advancing the healthcare economy.
For the most recent information on FinThrive’s vision for healthcare revenue management visit finthrive.com/why-finthrive .

Award-winning Culture of Customer-centricity and Reliability

At FinThrive we’re proud of our agile and committed culture, which makes FinThrive an exceptional place to work. Explore our latest workplace recognitions at https://finthrive.com/careers#culture .

Our Perks and Benefits

FinThrive is committed to continually enhancing the colleague experience by actively seeking new perks and benefits. For the most up-to-date offerings visit finthrive.com/careers-benefits .

FinThrive’s Core Values and Expectations

• Demonstrate integrity and ethics in day-to-day tasks and decision making, adhere to FinThrive’s core values of being Customer-Centric, Agile, Reliable and Engaged, operate effectively in the FinThrive environment and the environment of the work group, maintain a focus on self-development and seek out continuous feedback and learning opportunities
• Support FinThrive’s Compliance Program by adhering to policies and procedures pertaining to HIPAA, FCRA, GLBA and other laws applicable to FinThrive’s business practices; this includes becoming familiar with FinThrive’s Code of Ethics, attending training as required, notifying management or FinThrive’s Helpline when there is a compliance concern or incident, HIPAA-compliant handling of patient information, and demonstrable awareness of confidentiality obligations

The physical demands and work environment characteristics described here are representative of those that a colleague must meet to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Statement of EEO
FinThrive values diversity and belonging and is proud to be an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. We're committed to providing reasonable accommodation for qualified applicants with disabilities in our job application and recruitment process.