Companies you'll love to work for

ITSC Security Analyst

Capital Rx

Capital Rx

IT
New York, NY, USA · Remote
Posted on Jul 20, 2024

Department

Job Title

Capital Rx is redefining the way prescriptions are priced and administered in the U.S. Capital Rx unlocks the pharmacy supply chain and reduces prescription costs for employer groups. By establishing a competitive marketplace for drug pricing, Capital Rx focuses its resources on deploying actionable strategies that improve plan performance and patient outcomes. The company's commitment to innovation, technology, and service is why Capital Rx is the fastest-growing pharmacy benefit manager in America.

Apply For This Position

Technology

ITSC Security Analyst

Location: Remote (For Non-Local) or Hybrid (Local to NYC area)

Position Summary:

The ITSC (IT Security & Compliance) Analyst works collaboratively within the IT department to identify, manage and communicate security risks, implement and monitor security compliance, and respond to audits effectively.

Position Responsibilities:

  • Own problem resolution for routine/tactical user issues, upon escalation from the organization team focusing cyber security related issues.
  • Collaborate with the engineering departments to drive best IT practices.
  • Interface with internal partner teams to help drive best practices and compliance.
  • Evaluate new software solutions with internal partners.
  • Drive deployment of new systems/solutions as needed.
  • Write documentation for end users as needed to facilitate process improvement.
  • Help drive completion of required IT security training in collaboration with Human Resources for applicable employee populations.
  • Evaluate, identify, and remediate the risks associated with current vendors, new vendor acquisitions, and consumer data exchanges.
  • Help run Internal, external and vendor related audits.
  • Conduct security analysis of AWS and deployed software
  • Identify, maintain, and publish the requirements for the IT department to achieve compliance and privacy standards in SOC 2, HITRUST, FedRamp, ISO 27001, URAC, and other standards.
  • Work with the internal team in communicating related security notifications and IT controls within the organization while collaborating with teams and vendors on changes, remediations, and updates.
  • Experience with incident management and defense coordination against emerging cyber threats and critical vulnerabilities
  • Drive use cases to enable threat detection and hunting based on threat intelligence frameworks.
  • Embrace Agile and, particularly, Scrum to drive continuous process improvement.

Required Qualifications:

  • Own problem resolution for routine/tactical user issues, upon escalation from the organization team focusing cyber security related issues.
  • Collaborate with the engineering departments to drive best IT practices.
  • Interface with internal partner teams to help drive best practices and compliance.
  • Evaluate and perform Risk Assessments of new software solutions with internal partners.
  • Drive deployment of new systems/solutions as needed.
  • Write procedure documentation for end users as needed to facilitate process improvement.
  • Help drive completion of required IT security training in collaboration with Human Resources for applicable employee populations.
  • Respond to RFP/RFI requests
  • Evaluate, identify, and remediate the risks associated with current vendors, new vendor acquisitions, and consumer data exchanges.
  • Perform risk oversight of vendor security compliance
  • Help run Internal, external and vendor related audits
  • Conduct security analysis of AWS and deployed software
  • Identify, maintain, and publish the requirements for the IT department to achieve compliance and privacy standards in SOC 2, HITRUST, FedRamp, ISO 27001, URAC, and other standards.
  • Work with the internal team in communicating related security notifications and IT controls within the organization while collaborating with teams and vendors on changes, remediations, and updates.
  • Experience with incident management and defense coordination against emerging cyber threats and critical vulnerabilities
  • Drive use cases to enable threat detection and hunting based on threat intelligence frameworks.
  • Embrace Agile and, particularly, Scrum to drive continuous process improvement.

Preferred Certifications:

  • CCSK

  • CCAK

  • CISA

  • AWS Cloud Practitioner

  • SANS certificates

Base Salary: $125,000 - $135,000

Nothing in this position description restricts management’s right to assign or reassign duties and responsibilities to this job at any time.

About Capital Rx

Capital Rx is a full-service pharmacy benefit manager (PBM) and pharmacy benefit administrator (PBA), advancing our nation’s electronic healthcare infrastructure to improve drug price visibility and patient outcomes. As a Certified B Corp™, Capital Rx is executing its mission through the deployment of JUDI®, the company’s cloud-native enterprise health platform, and a Single-Ledger Model™, which increases visibility and reduces variability in drug prices. JUDI connects every aspect of the pharmacy ecosystem in one efficient, scalable platform, servicing millions of members for Medicare, Medicaid, and commercial plans. Together with its clients, Capital Rx is reimagining the administration of pharmacy benefits and rebuilding trust in healthcare.

Capital Rx values a diverse workplace and celebrates the diversity that each employee brings to the table. We are proud to provide equal employment opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, medical condition, genetic information, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

Apply For This Position