Sr. Security Risk Assessment Analyst

Who We Are

Point32Health is a leading health and wellbeing organization, delivering an ever-better personalized health care experience to everyone in our communities.

At Point32Health, we are building on the quality, nonprofit heritage of our founding organizations, Tufts Health Plan and Harvard Pilgrim Health Care, where we leverage our experience and expertise to help people find their version of healthier living through a broad range of health plans and tools that make navigating health and wellbeing easier.

We enjoy the important work we do every day in service to our members, partners, colleagues and communities. To learn more about who we are at Point32Health, click .

Job Summary

The Sr. Risk Assessment Analyst is part of the Risk Assessment Services team and is responsible for assessing changes introduced in to the organization, e.

g., technology, third-party vendor / provider, determining the inherent risk introduced, and collaborating with business and technology stakeholders to ensure that identified security concerns are appropriately addressed.

Members of Risk Assessment team are responsible for periodically reevaluating the security of existing technology and third-party relationships, based upon risk or other events.

Key Responsibilities / Duties what you will be doing

Assess inherent risks introduced by new or materially changed technology solutions (e.g., SaaS applications, cloud environments, applications, etc.

and third-party relationships and collaborate in partnership with vendors, technology SMEs, and business leaders to ensure that identified security concerns are appropriately addressed before being introduced for use by colleagues, customers, etc.

• Participate as a project stakeholder, provide security consultation and guidance to technology and business stakeholders to help ensure that security concerns are effectively communicated in terms that are understood by the appropriate audience.
• Effectively represent Point32Health's security policy requirements and corresponding security control objectives to assist in effectively communicating and / or working through alternative controls that will achieve the same security control objective.
• Periodically reassess third-party relationships and implemented technology solutions to ensure that the controls continue to meet security expectations to address the current cyber threat landscape.

Qualifications what you need to perform the job

• At least five (5) years working in a cyber / information security field that included frequent engagement with both technology and business stakeholders.
• Expertise in at least two of the following : networking, identity / access management, code development, compliance, auditing, cloud computing, penetration testing, threat management, threat detection & response, risk assessment services, disaster recovery, privacy
• Excellent written and verbal communications skills. Ability to effectively collaborate, educate, and influence technology and business leaders
• Flexible workstyle; open to unexpected changes and reprioritization requests
• Positive attitude and friendly personality. Always eager to help others and to support the needs of the team and the broader Cyber & Information Security department.
• A bachelor's degree in cyber / information security, information technology, or related field is preferred but not required.

Relevant experience and industry recognized certifications provide sufficient alternative assurances.

Compensation & Total Rewards Overview

As part of our comprehensive total rewards program, colleagues are also eligible for variable pay. Eligibility for any bonus, commission, benefits, or any other form of compensation and benefits remains in the Company's sole discretion and may be modified at the Company’s sole discretion, consistent with the law.

Point32Health offers their Colleagues a competitive and comprehensive total rewards package which currently includes :

Medical, dental and vision coverage

Retirement plans

Paid time off

Employer-paid life and disability insurance with additional buy-up coverage options

Tuition program

Well-being benefits

Full suite of benefits to support career development, individual & family health, and financial health

Commitment to Diversity, Equity, Inclusion, Accessibility (DEIA) and Health Equity

Point32Health is committed to making diversity, equity, inclusion, accessibility and health equity part of everything we do from product design to the workforce driving that innovation.

Our Diversity, Equity, Inclusion, Accessibility (DEIA) and Health Equity team's strategy is deeply connected to our core values and will evolve as the changing nature of work shifts.

Programming, events, and an inclusion infrastructure play a role in how we spread cultural awareness, train people leaders on engaging with their teams and provide parameters on how to recruit and retain talented and dynamic talent.

We welcome all applicants and qualified individuals, who will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.