Senior Information Security Analyst (HIPAA / GRC ) (US, Field)
$111,750–$167,500 year
On-site · Andover, Massachusetts, United States
Job Summary
Senior Information Security Analyst focused on HIPAA programme governance; own the annual HIPAA programme, plan the schedule, coordinate with partners, oversee the Security Risk Assessment, shape its scope, and ensure delivery with third party specialists. Conduct security assessments on IT systems, record outcomes and track actions, maintain Onetrust documentation, monitor HIPAA-law changes, support updates to internal policy, and provide insights to leadership and the Steering Committee. Demonstrates hands-on security experience combined with organization and leadership to translate security controls into actionable activities and drive continuous improvement of the HIPAA programme over time.
Required Qualifications
- Bachelor's degree in Computer Science or related subject
- At least 5 years in Information Security, some experience in a compliance function
- At least 2 years working on HIPAA compliance
- At least 3 years in Program or Project Management
- Experience deploying and assessing information security controls
- Familiarity with HIPAA, GDPR, ISO27001, HiTrust or NIST frameworks
- Experience with OneTrust or IT risk management platforms
- Travel requirements: <5%
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.