Third Party Risk Analyst

Fortified Health Security

United States

Remote

USD 85,000 - 90,000

Full time

13 days ago

Job summary

Fortified Health Security is seeking a Third Party Risk Analyst to manage client relationships and ensure compliance with information security regulations in healthcare. The ideal candidate will have knowledge of various risk assessment frameworks and demonstrate strong writing and project management skills. This role requires regular interaction with clients and vendors, ensuring timely service delivery and meticulous documentation of assessments.

Benefits

Medical insurance
Vision insurance
401(k)
Paid paternity leave
Paid maternity leave

Qualifications

  • 3+ years experience in Information Security Risk Assessment with focus in Healthcare preferred.
  • Experience with compliance-based risk assessments related to HIPAA and other regulations.
  • Security certification such as CISSP, CISM, or similar preferred.

Responsibilities

  • Manage client TPRM services ensuring communication flow and timely deliverables.
  • Document results of third-party risk assessments and write reports.
  • Collaborate with clients and vendors regarding TPRM assessments.

Skills

Information Security Risk Assessment
Project Management
Written Communication

Education

Bachelor's degree in CS / MIS

Tools

HIPAA
NIST Cybersecurity Framework

Job description

Under the general direction of the Director of Third-Party Risk Management (TPRM), the TPRM Analyst is responsible for ensuring that TPRM assignments are successfully processed and delivered to our clients. This position requires substantial knowledge of information security frameworks, standards, laws, regulations, and protocols relevant to the healthcare industry. The role includes responsibilities in project management; assessing risks related to information security, third parties, and regulatory compliance; documentation; report writing; and communication with vendors and clients.

Essential Job Functions

The following duties are normal for this position. The omission of specific statements of duties does not exclude them from being expected of this position if the work is similar, related, or a logical assignment for this position. Other duties may be required.

  • Project management of client TPRM services, ensuring proper communication flow, leveled expectations and on-time deliverables.
  • Maintain working knowledge of healthcare security and compliance laws and regulations (federal and state) and third-party standards, including but not limited to HIPAA, HITECH, and NIST.
  • Collaborate directly with TPRM clients regarding service delivery, escalation needs, issues, and client needs. Lead routine TPRM service update calls with the client. Prepare agendas for meetings and document key and relevant meeting outcomes. Exceptional written and verbal communication skills are required.
  • Engage and communicate with vendors to guide and assist them through the completion of TPRM assessment questionnaires.
  • Ensure timely delivery of TPRM vendor assessment reports, monthly status reports, and other service deliverables.
  • Document results of third-party risk assessments. Strong experience with risk-based report writing (e.g., documentation of assessment findings, recommendations, executive-level summaries) is required.
  • Frequent written communications with clients and third parties related to TPRM Service delivery. Exceptional writing skills are required.

Knowledge & Skills

Education & Experience

  • Bachelor's degree in CS / MIS or equivalent experience preferred
  • 3+ years of experience in the following related areas (experience in all areas below is NOT required):
    • Information Security Risk Assessment with focus in Healthcare preferred.
    • Remediation and Corrective Action Plan development and implementation.
    • Potential and emerging threats, vulnerabilities, and the techniques used to control them, such as technical, physical and administrative controls.
    • Security Standards, Architectures, Frameworks and Best Practices such as ISSA, ISO27001/27002, NIST Cybersecurity, and COBIT.
    • Experience with compliance-based risk assessments related to International, Federal and State regulatory compliance requirements such as HIPAA, PCI DSS, and GDPR.

Special Skills & Knowledge

  • Conceptual understanding of risks of data at rest and in transit.
  • Conceptual understanding of encryption technologies
  • Conceptual understanding of network connectivity requirements for solutions to function within an organization, and network connectivity requirements associated with vendor support and ongoing update requirements.
  • Conceptual understanding of device update processes (operating systems, firmware, etc.)
  • Conceptual understanding of physical access risks and remote access risks
  • Conceptual understanding of internet-facing risks (patch vulnerabilities, application vulnerabilities, end of support software version deployments, etc.)
  • Security certification such as HITRUST, CISSP, CISM, CISA, CEH, GIAC, CHP, CHPS, and third-party focus preferred.

Requirements

Supervisory Responsibility

Working Conditions & Travel Requirements

  • Remote
  • Travel as needed.

Fortified Health Security is an Equal Opportunity Employer. In compliance with the Americans with Disabilities Act, Fortified Health Security will provide reasonable accommodations to qualified individuals with disabilities. If a reasonable accommodation is needed to perform this position, you need to inform the Fortified Health Security People and Culture Team of such request. Signatures below indicate the receipt and review of this job description by the associate assigned to the position and the People and Culture Team.

  • Seniority level: Associate
  • Employment type: Full-time
  • Job function: Consulting
  • Industries: Computer and Network Security
