Teladoc Health is transforming how people access and experience healthcare. Recognized as the world leader in virtual care, we are partnering with over a thousand clients to serve hundreds of thousands (soon millions!) of people living with chronic conditions every day. Teladoc Health offers a whole person virtual care platform that empowers all people everywhere to live their healthiest lives by transforming the healthcare experience, from acute and primary care to chronic care, mental health, and specialty care. Our team of data scientists aggregate and interpret substantial amounts of health data and information to create actionable, personalized, and timely health signals for our members. This approach delivers better clinical and financial outcomes while creating a different and better healthcare experience for people everywhere.
The Senior Security Analyst will support the Director, Information Security & Data Protection. The role will work closely with the business, its technology, and operations groups as well as clients and vendors to ensure policy, requirements and controls are planned, developed and implemented. The role will assume an SME level expectation for security guidance, approvals, design, and integration of consistent security solutions across corporate and cloud environments.
- Manage Teladoc Health’s cybersecurity program’s ability to keep pace with changes in the overall threat landscape
- Act as information security expert to IT and business project teams to identify potential threats and offer solutions and technologies in support
- Support assessments of critical security controls for the company’s cloud-based applications and remediate security gaps conducted by the security team
- Client lifecycle activities related to information security including RFI responses, contract negotiations or client-led security assessments
- On-boarding and due diligence analysis of potential vendors, service providers or partners
- Independently author information security policies, standards and procedures following established document formats/templates
- Broadly socialize draft policies, standards and procedures documents to solicit feedback from key internal and external stakeholders, driving updates and maintaining version control
- Establish and adhere to quality control standards for creating and internally publishing information security policies, standards and procedures
- Communicate with internal and external information security policies and standards stakeholders
- Tasks include prepare, write, and review System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs). Perform risk assessment analysis to support security certification and ATOs
- Enhance enterprise security awareness program
- Prioritization, time management and strong communication skills are essential for this role as, eventually, it will be managing direct staff and activities with internal peers as well as outside parties both technical and non-technical
- Strong background in cyber governance, risk and compliance, including relevant experience in authoring information security policies, standards and procedures
- Extensive experience in performing vendor risk assessment based on data processing activities involved
- Conversant in cybersecurity, assurance, and audit standards/models/frameworks such as ISO27001, NIST, HITRUST, FedRAMP, PCI, SOX, FDA, HIPAA
- Experience with securing cloud environments both public and private
- Bachelor’s degree from an accredited, four-year undergraduate program
- 5-7 years of experience in a purely information security role
Impress us even more:
- Prior working experience with HIPAA/HITRUST/FedRamp/NIST/ISO/GDPR/CCPA requirements and standards
- Working knowledge of IOT Medical Devices and FDA Postmarket/Postmarket requirements and UL2900-1/2
- Experience with consolidating security programs as part of merger and acquisition activities
- One of more certifications in the security field (CISSP/CISM/CRISC/CGEIT/CCSP/CIPM/CCSK/CCSP)
Why Join Teladoc Health?
A New Category in Healthcare: Teladoc Health is transforming the healthcare experience and empowering people everywhere to live healthier lives.
Our Work Truly Matters: Recognized as the world leader in whole-person virtual care, Teladoc Health uses proprietary health signals and personalized interactions to drive better health outcomes across the full continuum of care, at every stage in a person’s health journey.
Make an Impact: In more than 175 countries and ranked Best in KLAS for Virtual Care Platforms in 2020, Teladoc Health leverages more than a decade of expertise and data-driven insights to meet the growing virtual care needs of consumers and healthcare professionals.
Focus on PEOPLE: Teladoc Health has been recognized as a top employer by numerous media and professional organizations. Talented, passionate individuals make the difference, in this fast-moving, collaborative, and inspiring environment.
Diversity and Inclusion: At Teladoc Health we believe that personal and professional diversity is the key to innovation. We hire based solely on your strengths and qualifications, and the way in which those strengths can directly contribute to your success in your new position.
Growth and Innovation: We’ve already made healthcare yet remain on the threshold of very big things. Come grow with us and support our mission to make a tangible difference in the lives of our Members.
As an Equal Opportunity Employer, we never have and never will discriminate against any job candidate or employee due to age, race, religion, color, ethnicity, national origin, gender, gender identity/expression, sexual orientation, membership in an employee organization, medical condition, family history, genetic information, veteran status, marital status, parental status or pregnancy (including breastfeeding – we have a mother’s room in both our offices). In our innovative and inclusive workplace, we prohibit discrimination and harassment of any kind.