Information Security Compliance Analyst job at eHealth - eHealthInsurance Services in US National
Title: Information Security Compliance Analyst
Location: USA Remote
Apply
locations
USA Remote
time type
Full time
Job Description:
Join us in creating a better way!
At eHealth, our mission is to expertly guide consumers through their health insurance and related options when, where, and how they prefer. We’re creating a better way – one that’s transparent and trustworthy for both our consumers externally and our employees internally.
Move your career forward while connecting countless people to the life- changing, quality care they deserve. Our diverse team of innovators supports one another in solving some of the toughest challenges. We’re always on the lookout for creative opportunities to do right by our customers, and each other. Together, we’re creating a better way to work, united by our common passion to make a difference.
eHealth is America’s first and largest private online marketplace for health insurance, which allows individuals, families, and small businesses to compare insurance options side by side and enroll in coverage. Our mission is to help everyone find affordable Healthcare coverage through our website technology, consumer advocacy, and personalized customer assistance. The company has continued to evolve into an effective Expedia equivalent in the health care space. The increasing confidence that analysts and shareholders are demonstrating by our record share price is a testimony to our position in the health care market. Building a high-performance culture is critical for eHealth to continue on our path of intelligent and rapid growth and to win with our customers.
We’re looking for a versatile Governance, Risk, and Compliance (GRC) professional passionate about the people, processes, and technology that enable eHealth to achieve its mission. Your expertise will help to drive improvements to eHealth’s Information Security, Governance, Compliance, and Risk Assessment processes to empower sound decisionmaking. Your interpersonal skills will help foster a risk-aware culture throughout the company.
Compliance is a crucial pillar supporting eHealth’s overall Information Security Program. As an individual contributor on the GRC team, you will work with stakeholders across IT, Engineering, Legal, and HR along with other members of the GRC team. You will be responsible for assessing, evaluating, and making recommendations to leadership regarding the implementation of security controls aligned with SOC2 and eHealth's Risk Management program.
What you'll do:
• Assisting with internal and external audit engagements (SOC2 Type II, HITRUST, PCIDSS, SOX, GuardianSphere etc.)
• Gather control evidence to ensure the information provided fulfills the requirements
• Organize audit evidence and manage the control and process libraries
• Assist the business to assess, document and remediate risks identified during the assessment
• Contributing to eHealth’s compliance maturity:
• Work with the business to implement sound security controls aligned with the security policies and standards and identify control gaps
• Develop metrics to report to management
• Assisting with Security awareness training and phishing campaign exercises
• Working with business partners to respond to carrier security questionnaires
• Evaluating new vendors for security concerns
• Assess the status of projects to identify and implement appropriate corrective measures to resolve security concerns as they arise
• Assists in the development and ongoing refinement of enterprise AI policies, standards, and guardrails, embedding responsible and compliant AI use into core governance processes, risk assessments, and control frameworks
Who you are:
• You have a Bachelor's degree in Information Security, Information Systems or related field. We will consider candidates with equivalent work experience in lieu of a Bachelor’s degree.
• You have 3+ years of experience working in an Information Security audit setting such as SOC2 and HITRUST, and knowledge of security controls including NIST, HIPAA, & Privacy
• You have the ability to foster a collaborative working relationship in a fast-paced, team-oriented environment
• You bring strong written and verbal communication skills with a proven ability to hold constructive discussions with the business to ensure information security risks are adequately addressed
• You have attention to detail and strong research skills
• You have the ability to analyze problems from different angles and foster multiple perspectives
• You have experience with risk management tool administration and configuration is a plus
• You have the ability to digest and translate technical language and relay to stakeholders outside of the Security field in understandable terms
• You have the ability to exercise judgement within defined procedures and determine appropriate action with autonomy and support as needed
You’ll be part of an open-minded and cohesive team that works toward shared goals. We’re passionate about growing a diverse and inclusive information security team at eHealth because it makes us a stronger company and we’re stronger together. eHealth is committed to creating an inclusive space for everyone, no matter what.
What we offer:
Generous benefits include medical, dental and vision beginning on your first day of employment
401K with matching
Tuition reimbursement
Employee stock purchase program
12 company paid holidays and flexible time off (PTO for non-exempt)
Our Values: At eHealth, our core values guide our work:
One Team
Customer Centric
Innovation
Integrity
Quality
Accountability
Relentless
Financial Stewardship
• Please note the above is a summary of responsibilities; a full job description is available upon request.
#LI-Remote
#LI- DC
-
The base pay range reflects the anticipated pay range for this position. The actual base pay offered will depend on various factors including individual skills, experience, performance, qualifications, the department budget, and the location where work is performed. Base pay is one component of eHealth’s total rewards package, which also includes an annual performance bonus, plus an array of benefits designed to support employees’ personal and professional wellness. For more information on our total rewards offerings, please visit our career site.
-
Base Pay Range -$78,000 - $97,500
-
eHealth is an Equal Employment Opportunity employer. It is our policy to provide equal opportunity to all employees and applicants and to prohibit any discrimination because of race, color, religion, sex, national origin, age, marital status, sexual orientation, genetic information, disability, protected veteran status, or any other consideration made unlawful by applicable federal, state or local laws. The foundation of these policies is our commitment to treat everyone fairly and equally and to have a bias-free work environment.
Apply Now
Apply Now
Location: USA Remote
Apply
locations
USA Remote
time type
Full time
Job Description:
Join us in creating a better way!
At eHealth, our mission is to expertly guide consumers through their health insurance and related options when, where, and how they prefer. We’re creating a better way – one that’s transparent and trustworthy for both our consumers externally and our employees internally.
Move your career forward while connecting countless people to the life- changing, quality care they deserve. Our diverse team of innovators supports one another in solving some of the toughest challenges. We’re always on the lookout for creative opportunities to do right by our customers, and each other. Together, we’re creating a better way to work, united by our common passion to make a difference.
eHealth is America’s first and largest private online marketplace for health insurance, which allows individuals, families, and small businesses to compare insurance options side by side and enroll in coverage. Our mission is to help everyone find affordable Healthcare coverage through our website technology, consumer advocacy, and personalized customer assistance. The company has continued to evolve into an effective Expedia equivalent in the health care space. The increasing confidence that analysts and shareholders are demonstrating by our record share price is a testimony to our position in the health care market. Building a high-performance culture is critical for eHealth to continue on our path of intelligent and rapid growth and to win with our customers.
We’re looking for a versatile Governance, Risk, and Compliance (GRC) professional passionate about the people, processes, and technology that enable eHealth to achieve its mission. Your expertise will help to drive improvements to eHealth’s Information Security, Governance, Compliance, and Risk Assessment processes to empower sound decisionmaking. Your interpersonal skills will help foster a risk-aware culture throughout the company.
Compliance is a crucial pillar supporting eHealth’s overall Information Security Program. As an individual contributor on the GRC team, you will work with stakeholders across IT, Engineering, Legal, and HR along with other members of the GRC team. You will be responsible for assessing, evaluating, and making recommendations to leadership regarding the implementation of security controls aligned with SOC2 and eHealth's Risk Management program.
What you'll do:
• Assisting with internal and external audit engagements (SOC2 Type II, HITRUST, PCIDSS, SOX, GuardianSphere etc.)
• Gather control evidence to ensure the information provided fulfills the requirements
• Organize audit evidence and manage the control and process libraries
• Assist the business to assess, document and remediate risks identified during the assessment
• Contributing to eHealth’s compliance maturity:
• Work with the business to implement sound security controls aligned with the security policies and standards and identify control gaps
• Develop metrics to report to management
• Assisting with Security awareness training and phishing campaign exercises
• Working with business partners to respond to carrier security questionnaires
• Evaluating new vendors for security concerns
• Assess the status of projects to identify and implement appropriate corrective measures to resolve security concerns as they arise
• Assists in the development and ongoing refinement of enterprise AI policies, standards, and guardrails, embedding responsible and compliant AI use into core governance processes, risk assessments, and control frameworks
Who you are:
• You have a Bachelor's degree in Information Security, Information Systems or related field. We will consider candidates with equivalent work experience in lieu of a Bachelor’s degree.
• You have 3+ years of experience working in an Information Security audit setting such as SOC2 and HITRUST, and knowledge of security controls including NIST, HIPAA, & Privacy
• You have the ability to foster a collaborative working relationship in a fast-paced, team-oriented environment
• You bring strong written and verbal communication skills with a proven ability to hold constructive discussions with the business to ensure information security risks are adequately addressed
• You have attention to detail and strong research skills
• You have the ability to analyze problems from different angles and foster multiple perspectives
• You have experience with risk management tool administration and configuration is a plus
• You have the ability to digest and translate technical language and relay to stakeholders outside of the Security field in understandable terms
• You have the ability to exercise judgement within defined procedures and determine appropriate action with autonomy and support as needed
You’ll be part of an open-minded and cohesive team that works toward shared goals. We’re passionate about growing a diverse and inclusive information security team at eHealth because it makes us a stronger company and we’re stronger together. eHealth is committed to creating an inclusive space for everyone, no matter what.
What we offer:
Generous benefits include medical, dental and vision beginning on your first day of employment
401K with matching
Tuition reimbursement
Employee stock purchase program
12 company paid holidays and flexible time off (PTO for non-exempt)
Our Values: At eHealth, our core values guide our work:
One Team
Customer Centric
Innovation
Integrity
Quality
Accountability
Relentless
Financial Stewardship
• Please note the above is a summary of responsibilities; a full job description is available upon request.
#LI-Remote
#LI- DC
-
The base pay range reflects the anticipated pay range for this position. The actual base pay offered will depend on various factors including individual skills, experience, performance, qualifications, the department budget, and the location where work is performed. Base pay is one component of eHealth’s total rewards package, which also includes an annual performance bonus, plus an array of benefits designed to support employees’ personal and professional wellness. For more information on our total rewards offerings, please visit our career site.
-
Base Pay Range -$78,000 - $97,500
-
eHealth is an Equal Employment Opportunity employer. It is our policy to provide equal opportunity to all employees and applicants and to prohibit any discrimination because of race, color, religion, sex, national origin, age, marital status, sexual orientation, genetic information, disability, protected veteran status, or any other consideration made unlawful by applicable federal, state or local laws. The foundation of these policies is our commitment to treat everyone fairly and equally and to have a bias-free work environment.
Apply Now
Apply Now