BoulderRecruiter Since 2001
the smart solution for Boulder jobs

Information Security Analyst - Remote

Company: Boston Medical Center
Location: Boulder
Posted on: November 17, 2022

Job Description:


The Information Security Analyst (ISA) will collaborate with Boston Medical Center Health System's (BMCHS) various internal and external business units to build relationships and foster a culture that considers information security. The ISA directs, coordinates, plans, and organizes information security activities throughout the hospital or health plan, while acting as the focal point for all information security communications. The ISA is responsible for implementing the controls needed to protect both BMCHS information and information entrusted to Clearway Health by third parties.

The ISA is responsible for planning, coordinating and implementing Clearway Health information security program. The ISA will lead or participate in the development, enforcement, and maintenance of policies, procedures, measures, and mechanisms to protect the confidentiality, integrity and availability of information and to prevent, detect, contain, and correct information security breaches by aligning information security standards and compliance with statutory and regulatory requirements.

The ISA also monitors security and privacy trends and coordinates with Boston Medical Center (hospital or health plan) risk management, legal, human resources, Health Information Management, and compliance departments to keep abreast of relevant laws and legislation (locally and nationally) to ensure that the security and privacy programs are updated when appropriate to maintain ongoing compliance.

Position: Information Security Analyst

Department: Clearway Health

Schedule: Full-Time, Remote


  • Responsible for Information Security Program (ISP) development and implementation
  • Identify protection goals, objectives and metrics consistent with organizations strategic plan
  • Incident response program development
  • Security awareness program development
  • Business continuity and disaster recovery program development
  • Determine the acceptable level of information security risk in conjunction with senior management. Advise management on information security risks and appropriate course of action.
  • Conducts threats and vulnerability assessments to properly analyze the risks to information security and determines appropriate measures to effectively manage those risks
  • Work with management to prioritize security initiatives and spending based on appropriate risk management methodology
  • Manage the investigation of security breaches or potential breaches and assist with disciplinary and legal matters associated with such breaches
  • Work with outside consultants as appropriate for independent security audits
  • Participate in the evaluation, selection and implementation of security products and technologies
  • Develop enterprise education and communication plans.
  • Maintain deep knowledge of legal requirements and market standards of information security.

    (The above statements in this job description are intended to depict the general nature and level of work assigned to the employee(s) in this job. The above is not intended to represent an exhaustive list of accountable duties and responsibilities required).


  • Master's degree in a related field or the professional certifications Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Auditor (CISA) is highly desirable.

  • Professional certifications of Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM) is highly desirable.

  • Seven plus years of experience in a large (over 2,000 users) Information Technologies department. Large Healthcare IT Enterprise experience is preferred.

  • Should have experience with business continuity planning, auditing, and risk management, as well as contract and vendor negotiation.
  • Must have a solid understanding of information technology and information security.
  • Strong verbal and written communication skills.
  • Ability to articulate highly technical information into real world business impact at a senior management level and, conversely, ability to translate senior management business initiatives into actionable technical designs.
  • Must understand the unique requirements of security in a healthcare setting. Associated topics: idm, information assurance, information security, information technology security, leak, protect, security officer, threat, violation, vulnerability

Keywords: Boston Medical Center, Boulder , Information Security Analyst - Remote, Professions , Boulder, Colorado

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest Colorado jobs by following @recnetCO on Twitter!

Boulder RSS job feeds