Cybersecurity Risk Analyst

Join PatientPoint to be part of a dynamic team committed to empower better health. As a leading digital health company, we innovate to positively impact patient behaviors. Our purpose-driven approach offers an inspirational career opportunity where you can contribute to improving health outcomes for millions of patients nationwide.

Location: Remote

Travel Requirements: Less than 10%

Job Summary 
The Cybersecurity Risk Analyst is responsible for identifying, assessing, and mitigating security risks that could impact the organization's data, systems, and operations. This role involves developing risk management strategies, ensuring compliance with security standards, and collaborating with cross-functional teams to strengthen the organization's security posture.  Cybersecurity Risk Analyst is responsible for leading PatientPoint’s Risk team.

What You’ll Do

Risk Management & Assessment

• Identify, analyze, and evaluate cybersecurity risks related to the organization's IT infrastructure, applications, and third-party vendors.
• Develop and implement cybersecurity risk management frameworks, policies, and procedures.
• Conduct regular security risk assessments, audits, and penetration testing to detect vulnerabilities in collaboration with Cybersecurity team.
• Maintain and update risk registers, ensuring timely mitigation of identified risks.

Compliance & Governance

• Ensure compliance with industry regulations and frameworks such as NIST, ISO 27001, GDPR, CMMC, HIPAA, or SOC 2.
• Develop and enforce policies related to data protection, access control, and risk mitigation.
• Conduct internal security audits and prepare for external audits to meet regulatory requirements.
• Provide governance support for cybersecurity policies, ensuring alignment with business objectives.

Incident Response & Mitigation

• Lead response efforts for security incidents, including investigations, containment, and recovery.
• Develop and refine cybersecurity incident response plans (CSIRPs).
• Collaborate with IT and security teams to ensure timely resolution of vulnerabilities.
• Conduct post-incident reviews and implement lessons learned to improve security resilience.

Collaboration & Communication

• Work with IT, compliance, and business teams to integrate cybersecurity risk management into overall business strategies.
• Educate and train employees on security best practices, policies, and threat awareness.
• Provide executive-level reports on cybersecurity risks, incidents, and mitigation efforts.
• Serve as the liaison between the organization and external cybersecurity auditors, vendors, and regulatory agencies.

Technology & Continuous Improvement

• Stay up to date with emerging cyber threats, vulnerabilities, and industry trends as it relates to organizational risk.
• Recommend enhancements to security controls, policies, and procedures.

What We Need

• Bachelor's or Master’s degree in Cybersecurity, Information Technology, Computer Science, or a related field
• 5+ years of experience in cybersecurity, risk management, or IT security.
• Hands-on experience in risk assessment methodologies, cybersecurity frameworks, and compliance management.
• Familiarity with cloud security, network security, and data protection strategies.

Desired Qualifications

• CISSP, CISM, CRISC, or CEH certifications

What You'll Need to Succeed

• Strong analytical and problem-solving skills.
• Excellent understanding of risk management principles and cybersecurity frameworks.
• Proficiency in security tools and technologies.
• Effective communication and stakeholder management skills.
• Ability to work under pressure and manage multiple security initiatives.

Base Salary Band: 79,579.60 - $127,999.00

Compensation: At PatientPoint, we are committed to providing competitive pay and benefits that are in line with industry standards. We analyze and carefully consider several factors when determining compensation, including skills, qualifications, geographic location, and professional experience, which can cause your compensation to vary. The base salary range listed is just one component of PatientPoint’s total compensation package for employees. For additional details on our total benefits package, please review the section “About PatientPoint” at the end of this job description.

About PatientPoint: 
PatientPoint is a leading digital health company that connects patients, healthcare providers and life sciences companies with the right information in the moments care decisions are made. Our solutions are proven to influence patient behavior and improve health outcomes, driving value for all stakeholders. Across the nation’s largest network of connected digital devices in 35,000 physician offices, PatientPoint solutions empower better health for more than 750 million patient visits each year.

Latest News & Innovations: 

1. Named A Best Place to Work Across Multiple Prestigious Platforms! Read More
2. Featured on Built In's article "Companies That Pay Well". Read More
3. Now Culture Content Certified by VentureFizz. Read More

What We Offer: 
We know you bring your whole self to work every day, and we are committed to supporting our full-time teammates with a comprehensive range of modernized benefits and cultural perks. We offer competitive compensation, flexible time off to recharge, hybrid work options, mental and emotional wellness resources, a 401K plan, and more. While these benefits are available to full-time team members, we strive to create a positive and supportive environment for all teammates.