Senior Security Analyst

Bangalore, India · Remote

Job description

Job Title: Security Governance Analyst – HIPAA & HITRUST Compliance
Location: Offshore / Remote
Department: Information Security & Compliance
Reports To: Manager – Security Governance, Risk & Compliance (GRC)


Role Summary:
The Security Governance Analyst is responsible for ensuring that the organization maintains compliance with applicable regulatory and industry frameworks, including HIPAA, HITRUST CSF, and related privacy and security controls. This role involves establishing, maintaining, and continuously improving the security governance framework, assessing risk, and ensuring that information security practices align with organizational policies, contractual requirements, and healthcare regulations.


Key Responsibilities:
Governance & Compliance:
  • Develop, implement, and maintain governance frameworks aligned with HIPAA Security & Privacy Rules and HITRUST CSF requirements.
  • Conduct periodic compliance assessments and gap analyses to identify areas of non-compliance and drive remediation.
  • Coordinate HITRUST certification and readiness activities, including control mapping, evidence collection, and audit coordination.
  • Maintain up-to-date knowledge of regulatory requirements and ensure internal policies reflect evolving standards.
  • Support internal and external audits, ensuring timely response and closure of findings.
Risk Management:
  • Perform risk assessments across systems and business units to ensure compliance with HIPAA/HITRUST requirements.
  • Track and report on remediation progress for identified risks and control deficiencies.
  • Assist with third-party vendor risk assessments, ensuring business associates adhere to HIPAA and HITRUST standards.
Policy & Control Development:
  • Draft, review, and maintain security policies, standards, and procedures in alignment with governance frameworks.
  • Map organizational controls to the HITRUST CSF control categories (19 domains) and NIST/ISO equivalents.
  • Work with IT and Security Operations teams to ensure controls are effectively implemented and monitored.
Awareness & Training:
  • Promote compliance awareness through periodic training and communication programs.
  • Serve as a subject matter expert for HIPAA and HITRUST compliance questions across departments.



Required Qualifications:
  • Bachelor’s degree in Information Security, Information Systems, or related field (or equivalent experience).
  • 3–7 years of experience in security governance, risk, and compliance (GRC) roles.
  • In-depth understanding of HIPAA Security and Privacy Rules and HITRUST CSF control framework.
  • Experience conducting audits, risk assessments, and compliance reporting.
  • Familiarity with frameworks such as NIST 800-53, ISO 27001, and SOC 2.
  • Strong documentation, analytical, and communication skills.



Preferred Qualifications:
  • HITRUST CCSFP (Certified CSF Practitioner) or CHQP (HITRUST Certified Healthcare Quality Professional).
  • CISA, CISM, CRISC, or CISSP certifications preferred.
  • Experience in healthcare, payer, or provider environments.
  • Knowledge of cloud security controls (Azure, AWS, GCP) and PHI data handling practices.



Soft Skills:
  • Strong attention to detail and ability to manage multiple priorities.
  • Excellent collaboration and stakeholder management skills.
  • Ability to translate regulatory requirements into practical technical and operational controls.

 

Minimum Years of Experience: 3
Maximum Years of Experience: 7
Physical Location: Bangalore - Campus
Qualifications: Bachelor’s degree in Information Security