Senior Analyst - Information Security (remote)

Job Locations Remote
Job ID


CareCentrix seeks an experienced Information Security Analyst to join its Information Security team, with primary responsibility in executing its Governance, Risk and Compliance (GRC) program. This individual is directly responsible for working with senior management, compliance, legal, and Business Technology leaders to complete internal, vendor, and third party risk assessments; manage internal and third party risk; and to apply the company’s risk governance program.


The right candidate has strong technical skills, excellent verbal and written communication skills, a proven history of increasing responsibility in information security, the ability to work in a fast-paced team environment, and a passion for mentoring and teaching about information security.



  • Assist in developing and implementing CareCentrix’s Governance, Risk and Compliance (GRC) program
  • Respond to RFPs and client security assessments accurately and in a timely manner
  • Drive recurring risk assessments in a timely manner with little supervision or direction
  • Conduct third party risk assessments
  • Assist the Director of Security in tracking identified risks and exceptions, and managing to resolution
  • Collaborate with clients, internal partners, and third parties to prioritize, mitigate and resolve identified risks
  • Identify and drive risk scenarios to actualize risk and risk remediation activities
  • Establish and maintain the highest level of credibility and trust with business partners and leadership while recommending initiatives, communicating risks, and proposing solutions
  • Identify and implement opportunities to drive effectiveness and efficiency into the IT Risk Management process
  • Help lead organization-wide information security initiatives
  • Provide insight into CareCentrix’s information security roadmap


  • Bachelor’s Degree in Computer Science with a focus in Information Security or equivalent experience required
  • 6+ years’ experience in information security
  • 2 or more years’ experience in risk assessment, including HITRUST CSF, CISSP, CRISC or CISM, and be a Certified HITRUST Common Security Framework Practitioner is strongly preferred
  • Previous experience in healthcare or insurance information security is a plus
  • Must have proven track record of successful IT risk management
  • Must have previous experience in the vendor risk management lifecycle
  • Demonstrated passion about information security and commitment to continued education via ISC2’s CISSP or related management and technical information security accreditations


CareCentrix maintains a drug-free workplace in accordance with Florida’s Drug Free Workplace Law.


We are an equal opportunity employer. Employment selection and related decisions are made without regard to age, race, color, national origin, religion, sex, disability, sexual orientation, gender identification, or being a qualified disabled veteran or qualified veteran of the Vietnam era or any other category protected by Federal or State law.



Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed