This job board retrieves part of its jobs from: Pennsylvania Jobs | Montreal QC Jobs | California Jobs

  Jobs in California  

Bringing the best, highest paying job offers near you

previous arrow
next arrow

Information Security Analyst


This is a Contract position in Santa Monica, CA posted November 14, 2020.

Information Security Analyst

SimplePractice is the future of practice management. Were at the forefront of making it simple for clinicians to run and grow their practices. Weve built the highest-rated practice management software and were on track to become the most-used product in our industry.

We are looking for an information security analyst who will implement innovative information security controls that mitigate SImplePractices risk, empower innovation and show continued dedication to security for both our customers and their clients.

As Information Security Analyst at SimplePractice, you will:

Understand technical implementation details necessary to identify and assess security risks and recommend mitigating controls
Participate in the development and oversight of required corrective action plans relating to security compliance issues
Support business relationships with the internal and external security auditors and regulators
Identify, research and evaluate new compliance requirements and ensure they are incorporated into SimplePractices security policy framework
Support the communication of policies, procedures, and plans to internal stakeholders regarding security and compliance best practices around applicable laws, regulations and controls
Support the identification, validation and remediation of information technology controls
Be responsible for Data Security Standards (HITRUST and PCI), regulations governing personally identifiable information (PII) and other applicable regulatory compliance frameworks
Partner with internal teams to ensure successful security programs that align with compliance requirements
Understand the security needs of internal and external stakeholders around external business partners and maintain a process that meets stakeholder needs
Manage daily activities and functions of the external business partner management program
Coordinate and drive business partner security assessment activities for both inbound and outbound relationships
Lead assessments of business partner security risk, develop mitigation plans, and work with internal stakeholders to assign monitoring responsibility. Prepare and complete annual risk assessments and assist with regulatory and accreditation audit preparation as needed
Support business partner selection on significant sourcing decisions and reassess security risk for business partners prior to contract renewal


5+ years experience in information security compliance
2+ years experience supporting compliance programs within the technology space
5+ years experience in security controls across all security domains such as access management, encryption methods, vulnerability management, network security, etc.
Project management skills
Experience of data security frameworks and regulatory standards, including PCI, HITRUST, HIPAA and NIST CSF
Experience with developing security and compliance reporting for a variety of audiences, including executive management
Demonstrated leadership skills with experience working effectively across various levels
Experience developing and submitting audit and compliance reports to governing bodies, legal entities, and/or external authorities
Experienced in processes for assessing and designing internal controls for large scale organizations
Experience assessing security risk for large scale organizations. Specific experience in cloud services organizations
Certifications in one or more of the following areas preferred: CISSP, CISA, CISM, CRISC, GISO, GCIH, CIPP

California Job Applicant Privacy Notice

Thank you for your interest in opportunities at SimplePractice LLC (“SimplePractice” or “us” or “we” or “our”). Please note that when you submit your resume or application materials to us for employment purposes, we may collect the following categories of personal information about you:

Identifiers (e.g., name, address, email address, and phone number); protected characteristics (e.g., sex, gender, age, citizenship, disability status, and veteran status); professional or employment-related information (e.g., employment history, educational background, certificates and licenses, work eligibility information and other information obtained from your resume, cover letter, your responses to our application questions, background check forms, and your references); other personal records (e.g., signature, photograph, and criminal background information); and inferences drawn from personal information collected (e.g., creating a profile that reflects your abilities and aptitudes).

We collect the above categories of personal information for the following business purposes:

To perform recruitment and hiring services; to manage the workforce; to comply with federal and state laws, and to maintain security (e.g., to detect and prevent against security risks and incidents, to prevent against fraudulent or illegal activity, and to ensure compliance with our company policies and procedures).

For more information about our privacy practices, please visit our Privacy Policy or contact us at

Powered by JazzHR

Please add your adsense or publicity code here (inc/structure/adsfooter.php)