Position: Information Security Analyst (ISA) (Premium Job)

Job Description

• Must possess excellent (English) written and verbal communication skills and capable of creating clear, well-written documentation, recommendations, and reports/communications.
• Manages and tracks the delivery of Security Training and Awareness campaigns.
• Assists in the development of content for Security Awareness campaigns.
• Develops an internal knowledge base of Security controls that is well written, searchable and logically organized.
• Actively contributes to the Security knowledgebase to enable internal knowledge sharing and facilitates efficient audits and questionnaire responses.
• Supports the Security Audit function by reviewing evidence submissions for accuacy and completeness, following up on audit requests, and helping to establish a continuous monitoring function.
• Manages and performs quarterly access reviews ensuring completeness and accuracy of results and consistent evidence collection.
• Assist the Cotiviti vendor risk management function in the review, evaluation, and reporting related to vendors to ensure security requirements for proposed solutions, technologies, services and capabilities are properly considered.
• Supports the Risk Management function by reviewing and documenting Security exceptions and recommending appropriate actions.
• Assist in testing and verification of all off-shore controls and formulating reports documenting findings.
• Recommends and assists in the definition and implementation of security controls in accordance with enterprise policies, standards, and procedures.
• Assist in the planning, coordination, and management of  client assessments at off-shore locations. 
• Act as interface between assigned business unit and security organization.  Develop trusted adviser relationships with key stakeholders and internal groups.
• Assist assigned business units with solution development activities to ensure security requirements are appropriately identified, considered, and addressed. These services will include but will not be limited to security education, control identification and development.
• Identify exceptions to security control standards and assist in management and tracking of risk acceptance and/or remediation for identified exceptions.
• Other duties as assigned

Competencies

Communicates With Impact: Presents information and ideas in a thoughtful and compelling manner. Is clear and concise in verbal and written communications. Shares information freely and speaks openly and honestly. Seeks to understand the perspectives of others.

Drives and Delivers Results: Sets clear priorities, takes action, stays focused, and overcomes barriers to deliver expected results.

Solves Problems and Makes Good Decisions: Evaluates critical information needed to understand problems, determine probable causes, and develop workable solutions. Accurately assesses the costs, benefits, and risks associated with alternative courses of action and makes high quality and timely decisions.

Leads Change: Sees emerging patterns and opportunities. Adapts quickly and easily to new information, changing conditions or unexpected events. Facilitates and communicates change across the team or organization to drive adoption.

Lives Our Values: Behaves in a way that consistently demonstrates commitment to Cotiviti values (Integrity, Passionate Client Service, Teamwork, Accountability, Performance Excellence, and Continuous Improvement)

Information Security and Compliance: Demonstrates understanding of Cotiviti security policies, standards, procedures, and external regulatory and customer requirements.  Maintains a strong working knowledge of risk and security related concepts, technologies, and industry leading practices.  Assures confidentiality, integrity, and availability of Cotiviti business process and supporting information infrastructure and data when appropriate. Demonstrates the skills, knowledge, and ability to ensure a risk-based approach to security is being consistently applied.

Collaborates Effectively – Partners with internal customers, stakeholders, and interested parties to ensure positive outcomes and experiences.  Ensures security is viewed as a valued asset by internal customers and stakeholders.

Job Specification

• Excellent English skills, both written and verbal are required.
• Bachelor’s Degree (or higher) preferred (or equivalent experience)
• Minimum of 3 years relevant work experience
• Knowledge of NIST 800-53, NIST CSF, HITRUST, HIPAA, ISO 2700x, and other leading industry security standards and frameworks
• Knowledgeable in security concepts, techniques, tools, methods and practices
• Proven relationship management expertise with both business and technical personnel
• Articulates the value of security controls and their potential business Impacts
• Strong risk analysis, customer service, problem solving, and consulting skills
• Able to interpret and apply policies, standards and procedures in business relevant and applicable way
• ~10% travel
• Proficient with Microsoft Office Suite (Word, Excel, Power Point)
• Professional with ability to properly handle confidential information
• Ability to work well independently and in a team environment
• Ability to handle multiple tasks, prioritize and meet deadlines
• Ability to work within a matrix organization
• Must be able to sit and use a computer keyboard for extended periods of time
• Must be able to lift up to 20 lbs without assistance
• Must have ability to positively handle/manage stress, such as high work volume and frequent change
• Must have flexibility and willingness to participate in the work processes of an international organization, including conference calls scheduled to accommodate global time zones.

Industry Certifications (Must be able to obtain and maintain one or more within six months if not currently certified):

• Certified Information Security Auditor (CISA)
• Certified Information Systems Security Professional (CISSP)
• Certified in Risk and Information Security Controls (CRISC)

Apply Instruction

To apply, please login to http://www.cotiviti.com.np/jobs or Send your CV to [email protected]