Accolade Mission Summary
Accolade is a rapidly growing company with the goal of helping clients get better health care in a way that delights them and saves them and their employer money. We do that by simplifying the complex array of health care and health benefit services that large Fortune 500 corporations offer to their employees. By helping individual employees and their families through the many decisions concerning health care and health benefits, and by simplifying their ability to access the right services at the right time, we help get employees and their families better care, save them time and money, and reduce the cost of medical benefits for their employers. We do this by providing each family with a professional Health Assistant who knows them, understands their benefits and helps them navigate the health care system in a way that reduces the many process errors that drive unproductive care.
The Information Security Analyst is responsible for serving as a hands-on researcher, documentation and security systems administrator for ongoing activities that provide for the confidentiality, availability and integrity of client, employee, and business information in compliance with applicable laws, regulations, and organizational policies.
- Researching industry security standards and best practices.
- Reviewing existing processes and security controls.
- Perform routine and ad hoc vulnerability scans, analyze results, document findings and track corrective actions or remediation strategy.
- Assist with performing security audits and the auditing of user accounts and access.
- Investigate incidents using SIEM, DLP and Web Content technology; review packet captures, reports, data visualization, and pattern analysis.
- Analyze, escalate, and assist in remediation of critical information security incidents.
- Assisting in the investigation of breaches in security, assisting in the assessments for new security controls, initiatives, and policies, and other duties as assigned in a very agile and fast moving environment.
- Conduct activities to raise corporate awareness of cyber security policies, activities, and threats.
Working closely with the Chief Privacy Officer to ensure compliance to applicable laws and regulations.
- Participate in security-related projects including requirements definition, task planning, research, testing, and implementation,
Desired Personal Characteristics:
- Minimum of 2 years’ experience in the field of Information Security, IT Audit or related disciplines.
- Knowledge of ISO 27001, NIST, SSAE 16, PCI and/or HIPAA standards is a plus
- Knowledge of information security, programming security and computer network access technologies
- Experience with operational computer and network security, data gathering and analysis
- Analytical skills including critical thinking and problem solving
- Clear and concise verbal and written communication skills
- PC proficiency to include Microsoft Word, Excel, and Outlook
- Organizational skills including attention to detail and multi-tasking skills
- Experience working both independently and in a team environment
- Operates from a perspective of truly caring about our clients and creating value for them
- Detail-oriented, inquisitive, problem-solving in nature
- Proven ability to roll up your sleeves and make a contribution quickly
- A team player capable of working effectively with individuals throughout the organization