How you can make a difference
We are looking for a motivated information security professional to fill a role as a Third-Party Security Analyst.
The Third-Party Security Analyst role is responsible for performing security risk assessments within the HealthEquity's Risk and Security Team. This role provides support to managing third party relationships and obtaining the necessary data from third parties (operations partners) to assess their security posture. The analyst will assist business users with the intake process to gauge the initial 3rd party risk profile and then assign various questionnaires based on criticality. Duties will include managing a questionnaire-based process and tool requiring the assessment and scoring of critical Operations partners. Operations Partners will be measured against various frameworks, including NIST, FFIEC, and PCI. Further, the Third-Party Security Analyst will be responsible for responding to assessment questionnaires from HealthEquity customers (revenue partners), will coordinate and oversee onsite assessments from revenue partners, and engage in online and in-person meetings with revenue partners to ensure those partners satisfaction with the HealthEquity security posture.Responsibilities
- Creation and execution of operation partners security assessments
- Following up with operations partners on questions and comments related to the assessments
- Reporting and communication of assessment results and recommendations
- Tracking of partner remediation activities
- Reassessment of critical assessments on a periodic basis
- Escalation of security issues where appropriate
- Facilitation of operations partner Risk Acceptance Process where appropriate
- Providing support for audit inquiries
- Validation of partner security controls to ensure compliance with HealthEquity policies
- Responding to revenue partner assessment questionnaires
- Coordinating on-site assessment by revenue partners
- Establishing and maintaining strong relationship with Information Technology and Risk and Security stakeholders
What you will need to be successful
- Bachelor's Degree in Computer Science or Engineering, or a related technical field. Technical work experience may be substituted in lieu of educational requirements
- 5+ years of combined experience in information security, or 5+ years' experience in a technical analyst or engineering role.
- Strong passion and motivation for security
- High level of credibility, a technical background, particularly in security, preferably in environments with similar complexity and regulatory profiles to HealthEquity, spanning financial services, financial technology, and healthcare
- Ability to integrate with the existing team and deliver on key objectives
- Builds constructive relationships with diverse groups of people, including internal and external stakeholders
- Demonstrates excellent communication and listening skills
- Operates with a commitment to customer service excellence
- Drives results and champions change
- Fosters teamwork and collaboration
- Become an integral part of a high performing team and motivate others
- Experience in reviewing technical policies and developing standard operating procedures
Benefits and perks
- Medical, Dental, Vision
- 401(k) match
- Paid Maternity/Paternity leave
- Ongoing education
- Tuition Assistance
- Gym/Fitness Reimbursement
- Purple with Purpose (paid volunteer time off)
- HSA contribution and match
- On site Lunch and Learns
- Award winning Wellness Program
- Consumer Driven Healthcare (CDH) education
Why work for HealthEquity
HealthEquity has a vision that by 2030 we will make HSAs as wide-spread and popular as retirement accounts. We are passionate about providing a solution that allows American families to connect health and wealth and build health savings for life. Through our innovative technology and superior service delivery, our members gain valuable insights to better save and spend their healthcare dollars.
We firmly believe that our team members drive the success of this company. We hire passionate contributors who enjoy the thrill of pioneering their positions to their full potential. Join us and discover a work experience where the person is valued more than the position, and where are our purple culture drives a remarkable experience.
Our advice to you
HealthEquity is fiercely focused on hiring passionate individuals to contribute to our purple culture. If you speak passion, excellence, service, ambition, fun… we want to speak with you! We believe that your personality is as important as your experience and qualifications so when we do have the opportunity to speak together, be authentic, be genuine, be you! Showcase your experience and your passion.
HealthEquity, Inc. is a proud promoter of equal opportunities for training, compensation, transfer, promotion, and other aspects of employment for all qualified applicants and employees. HealthEquity, Inc. support Equal Employment Opportunities without regard to sex, race, color, religion, national origin, age, disability, sexual orientation or veteran status when hiring – under federal, state and local laws.