Cybersecurity Compliance Analyst - CareATC : Job Details

Protecting Patient Data. Empowering Health.Why CareATC is Different (and Why You'll Love It Here): At CareATC, our employer-sponsored model creates a unique and rewarding environment where your skills help secure the future of patient care!

• Patients Win: They benefit from the robust security measures you help maintain, ensuring their sensitive health information is protected as they receive high-quality, accessible care.
• You Win: Step into a crucial role where your expertise directly supports our commitment to data integrity and regulatory excellence. Work in a dynamic, collaborative environment with consistent hours, focusing on meaningful contributions to our overall security posture without the burdens of traditional fee-for-service models.
• Employers Win: They benefit from a healthier, happier, and more productive workforce, leading to reduced healthcare costs and a more engaged employee base, all safeguarded by a strong cybersecurity foundation.

CareATC Advantages Include:

• Access to clinic services and medications at no or low cost for you and your dependents!
• Generous CEU reimbursement to fuel your professional growth.
• Opportunities for professional development and growth within a supportive team environment.
• A comprehensive benefits package (for eligible roles), including Medical, Dental, Vision, 401K, Paid Time Off, Disability & Life Insurance, a Wellness Program, and much more!

About the Job: As our Cybersecurity Compliance Analyst, you'll play a pivotal role in safeguarding sensitive data and ensuring regulatory adherence in the rapidly evolving healthcare landscape. You will be instrumental in protecting patient information and strengthening our security posture. This is a hybrid role based in Tulsa, OK, that requires a mix of in-office and remote work. Working closely with the Senior Manager of Cybersecurity and Infrastructure, you'll dive deep into areas like SOC audits and HIPAA security risk assessments. This is your opportunity to manage crucial compliance documentation, coordinate vital cybersecurity initiatives, and contribute directly to our robust vendor and risk management activities. If you have a keen eye for detail, a passion for security, and a drive to learn, you will thrive in this essential role at CareATC. What You'll Do:

• Lead Audit & Assessment Support: Play a key role in annual SOC audits and HIPAA security risk assessments by assisting with evidence gathering, coordinating schedules, taking notes, and tracking follow-up items.
• Strengthen Cybersecurity Programs: Contribute to the execution and maintenance of our comprehensive Cybersecurity Program, learning about its various components and impact.
• Enhance Risk & Vendor Management: Help manage our vendor management program, including performing cybersecurity due diligence for third-party partners, and supporting third-party risk assessment efforts.
• Support Documentation & Policy: Aid in creating and updating crucial cybersecurity compliance documentation, including policies, standards, procedures, and SOPs, ensuring they are current and clear.
• Collaborate & Communicate: Effectively compile cybersecurity information for Request for Proposal (RFP) responses and customer questionnaires.
• Track & Remediate: Help track and document findings from penetration testing and vulnerability scans, learning about resolution processes.
• Drive Project Success: Contribute to cybersecurity project management tasks, including tracking progress, managing timelines, and documenting outcomes.
• Foster Collaboration: Work effectively with various internal departments, teams, and external partners (auditors, vendors) to facilitate compliance initiatives.

What You'll Bring to the Team:

• Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field required. Relevant professional experience may be considered in place of a degree.
• Experience:
  • Minimum 1 year of experience in an information security, IT audit, or IT compliance role, preferably within a healthcare environment.
  • Familiarity with cybersecurity frameworks (e.g., NIST, ISO 27001) and regulatory requirements (e.g., HIPAA, HITECH, SOC 2).
  • Experience assisting with evidence collection for audits, assessments, or compliance initiatives.
• Knowledge & Skills:
  • Foundational understanding of cybersecurity principles (e.g., risk management, vulnerability management, security operations, incident response).
  • Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint, SharePoint).

And Just as Important...

• Strong organizational skills with the ability to manage multiple tasks, prioritize effectively, and meet deadlines in a dynamic environment.
• Excellent written and verbal communication skills for documenting processes, creating reports, and interacting clearly with technical and non-technical stakeholders.
• A keen eye for detail and a strong commitment to accuracy in documentation and data analysis.
• A proactive willingness to learn and adapt to new technologies and evolving cybersecurity landscapes.
• The ability to work collaboratively with cross-functional teams and external partners.
• The ability to work a hybrid schedule in Tulsa, OK, with a mix of in-office and remote days.

Ready to Make a Meaningful Impact? If you are a dedicated professional with a passion for cybersecurity compliance and a drive to contribute to a healthier, more secure future, we encourage you to apply today! Join us in making a tangible difference in the lives of our patient community.