Security Rick & Compliance Analyst

What you’ll do

In a few words…

Abarca is igniting a revolution in healthcare.  We built our company on the belief that with smarter technology we are redefining pharmacy benefits, but this is just the beginning…

As a Security Risk and Compliance Analyst, your role is essential in maintaining the security and compliance of our cloud-centric, modern systems. You will support Risk, Audit, Legal, and Compliance activities related to Information Systems and Security. Additionally, you will contribute to planning for HITRUST maturity, promote sustainable practices, and support the expansion of our operations.

The fundamentals for the job…

• Support the modernization and optimization of Security-related policies and procedures, aligning with corporate Risks, Audit, Legal, and Compliance needs.
• Assist in the development and enhancement of security GRC processes.
• Participate in vulnerability assessment efforts, adopting a Cloud First approach and adhering to the latest security standards for cloud environments.
• Help with HITRUST certifications and support maturity in security and compliance endeavors.
• Contribute to the management of the third-party risk program, ensuring vendor alignment with our principles.
• Help audit access rights, prioritizing a Cloud First approach and modern systems.
• Contribute to developing security requirements for new company initiatives, with an emphasis on sustainability and operation expansion.
• Support the creation and review of all Security-related policies and procedures, integrating corporate Risks, Audit, Legal, and Compliance requirements into the Information Security Program.
• Serve as a supportive liaison for the Compliance, Security, and Risk Management (CSRM) Committee.

 

• What we expect of you

The bold requirements…

• Bachelor’s Degree in Information Technology, Computer Science, or a related field (relevant work experience may be considered in lieu of a degree).
• 3+ years of experience in Information Security roles.
• Experience within Healthcare Compliance.
• Familiarity with Internal Controls, Security Policies and Procedures, Action Planning, and Execution.
• Understanding of the selection, implementation, and maintenance of security and compliance tools such as SIEM, vulnerability scanning, or identity management solutions.
• Knowledge of qualitative and quantitative risk management approaches and processes.
• Awareness of security practices and controls to address security risks, applying frameworks such as NIST, COBIT, and ISO.
• Understanding of IT Compliance and Security principles.
• Familiarity with Compliance and Local Regulations as well as Federal Regulations relevant to the Healthcare Industry.
• Strong oral and written communication skills.
• Flexible hybrid work model with certain on-site workdays (Puerto Rico location).
• This position requires availability to work in a specified time zone or working schedule, accommodating the business needs of our clients and team members.
• This position may require availability for on-call hours, including evenings, weekends, and holidays, to promptly address emergent issues or provide necessary support as dictated by operational demands (if applicable).

Nice to haves…

• Professional security certifications (e.g., CISSP, CRISC, CISA, etc.).
• Experience in Healthcare, Pharmacy, and Pharmacy Benefit Management industries, including knowledge of Medicare Part D and CMS regulations.
• Understanding of regulatory compliance and IT service management frameworks such as ITIL, ISO 20000.
• Experience with GRC products (e.g., RSA-Archer, Riskonnect, Metric Stream, ServiceNow GRC, etc.).

Physical requirements…

• Must be able to access and navigate each department at the organization’s facilities.
• Sedentary work that primarily involves sitting/standing.

At Abarca we value and celebrate diversity. Diversity, equity, inclusion, and belonging are guiding principles of Abarca and ensure Abarca’s workforce reflects the communities it serves.  We are proud to provide equal employment opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, medical condition, genetic information, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

Abarca Health LLC is an equal employment opportunity employer and participates in E-Verify.  “Abarca Health LLC does not sponsor employment visas at this time”

The above description is not intended to limit the scope of the job or to exclude other duties not mentioned. It is not a final set of specifications for the position. It’s simply meant to give readers an idea of what the role entails.

#LI-HYBRID #LI-MH1