Analyst, Information Security GRC

Extraordinary Careers. Endless Possibilities.

With the nation's largest home infusion provider, there is no limit to the growth of your career.

Option Care Health, Inc. is the largest independent home and alternate site infusion services provider in the United States. With over 8,000 team members including 5,000 clinicians, we work compassionately to elevate standards of care for patients with acute and chronic conditions in all 50 states. Through our clinical leadership, expertise and national scale, Option Care Health is re-imagining the infusion care experience for patients, customers and team members.

Join a company that is taking action to develop an inclusive, respectful, engaging and rewarding culture for all team members. At Option Care Health your voice is heard, your work is valued, and you're empowered to grow. Cultivating a team with a variety of talents, backgrounds and perspectives makes us stronger, innovative, and more impactful. Our organization requires extraordinary people to provide extraordinary care, so we are investing in a culture that attracts, hires and retains the best and brightest talent in healthcare.

Job Description Summary :

The Security Analyst is an information security role focused on supporting IT policies, processes, oversight, and response related to corporate wide regulatory and contractual obligations. The Analyst will also be responsible for supporting Option Care Health Sarbanes-Oxley (SOX) technical and other regulatory requirements such as SOC 2 and requests provided by Option Care Health internal and external auditors. Other critical support areas include Security Awareness and Training, Third Party Risk, and Information Security Risk Management. The Security Analyst will also support Option Care Health access management program, ensuring that users have appropriate access to key applications, based upon their roles.

Job Description : ?

Job Responsibilities (listed in order of importance and / or time spent)

Responsible for supporting the corporate-wide IT compliance with regulations and certifications, such as Sarbanes-Oxley (Sox), SOC 2, Payment Card Industry and others.

Work with the business and internal / external auditors to ensure accurate and timely completion of IT SOX testing plan and other requests.

Responsible for supporting Security Awareness and Training initiatives

Responsible for supporting the Third Pary Risk Management and Information Security risk management processes.

Responsible for enhancing enterprise-wide access management policy, standards, process and audit to ensure compliance with all national standards and regulations.

Responsible for enhancing of all access management; confirming proper access roles for key systems on a quarterly basis across the enterprise.

Prepares, collects and analyzes Information Security metrics related materials and documentation in conjunction with numerous InfoSec projects and day-to-day operations as well as SOX Compliance.

Responsible for any IT or Information Security tasks assigned in support of overarching infosec governance, risk and compliance.

Supervisory Responsibilities

Does this position have supervisory responsibilities?

(I.e. hiring, recommending / approving promotions and pay increases, scheduling, performance reviews, discipline, etc.)

• No

Basic Education and / or Experience Requirements

Bachelor's degree and at least 1- 2 years' experience in Information Security field and / or IDAM or business analyst position.

Basic Qualifications & Interests (BQIs)

Experience with data analysis and analytics, including metrics development

Demonstrates initiative, able to work independently with minimal supervision yet can work well in a team environment and is customer focused.

Exceptional MS Excel Skills

Experience with audits and audit reviews

Background and experience with Information Security Governance, Risk and / or Compliance programs

Excellent verbal and written communication skills to collect analyze and present data. Excellent data analysis, reporting and problem-solving skills.

Travel Requirements : (If Required)

Preferred Qualifications & Interests (PQIs)

Bachelor's degree in Information Security, Computer Science, Analytics, Education, English, Law or related field,

Knowledge of Access management & maintaining access management

Information Security Certification

Understanding of SOC 2; experience working and / or leading SOC evidence collection.

Understanding of Sarbanes-Oxley; experience working with External and Internal Auditors.

Knowledge and experience with risk management

Due to state pay transparency laws, the full range for the position is below :

Salary to be determined by the applicant's education, experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data.

Pay Range is $62,386.44-$103,999.91

Benefits :

Option Care Health subscribes to a policy of equal employment opportunity, making employment available without regard to race, color, religion, national origin, citizenship status according to the Immigration Reform and Control Act of 1986, sex, sexual orientation, gender identity, age, disability, veteran status, or genetic information.

For over 40 years, Option Care Health has provided adult and pediatric patients with an alternative to hospital infusion therapy. With more than 2,900 clinical experts, Option Care Health is able to provide high-quality infusion services for nearly all patients with acute and chronic conditions across the United States, resulting in high quality outcomes at a significantly reduced cost. Option Care Health has more than 70 infusion pharmacies and 100 alternate treatment sites. We are guided by our purpose to provide extraordinary care that changes lives through a comprehensive approach to care along every step of the infusion therapy process including : intake coordination, insurance authorization, resources for financial assistance, education and customized treatments.