Associate Information Security Analyst - Enhanced Vendor Oversight

Blue Cross and Blue Shield of Rhode Island
$73,000 - $110,000
United States, Rhode Island, Providence
500 Exchange Street (Show on map)
May 05, 2025
Please email HR_Talent_AcquisitionTeam@bcbsri.org if you are a candidate seeking a reasonable accommodation for the application and/or interview process. Schedule: Hybrid Compensation: $73,000 - $110,000 Why this job matters: Blue Cross & Blue Shield of Rhode Island is seeking an innovative and diligent security professional to join its Information Security team. In this role, a successful candidate will be pivotal in ensuring the security, compliance, and maintenance of our third-party relationships. A successful candidate will be responsible for assessing, monitoring, and mitigating risks associated with third-party vendors and delegates. Additionally, a successful candidate will be required to interact with business units to communicate risks and manage review cycles effectively. What you'll do: Conduct security assessments of third-party vendors to identify potential risks and vulnerabilities. Collaborate with internal stakeholders to align third-party security practices with company policies and regulatory requirements. Review and analyze third-party attestation and certification artifacts (SOC2, HITRUST, etc.) shared by third parties to identify information security risks. Develop and maintain documentation related to third-party risk management activities. Maintain an organization-wide vendor portfolio for security risks and engagement forms. Provide recommendations for mitigating identified risks and improving third-party security posture. Stay informed about industry best practices and emerging threats related to third-party risk management. What you'll need to succeed: Equivalent combination of education and work experience 3+ years of relevant industry experience ideally focused in vendor management, third-party risk management, or related enhanced vendor oversight tasks. Relevant certifications are preferred, such as CISSP, CISA, CRISC, or equivalent, but are not required. Advanced knowledge of Microsoft Office; including Outlook, Word, Excel, and PowerPoint. Strong analytical and organizational skills. Effective oral and written communication skills. Must be a self-driven, team player. Ability to work independently and as part of a team. Knowledge of healthcare industry regulations and standards is a plus. Location: BCBSRI is headquartered in downtown Providence, conveniently located near the train station and bus terminal. We actively support associate well-being and work/life balance and offer the following schedules, based on role: In-office: onsite 5 days per week Hybrid: onsite 2-4 days per week Remote: onsite 0-1 days per week. Permitted to reside in the following states, pending approval from the Human Resources Department: Arizona, Connecticut, Florida, Georgia, Louisiana, Massachusetts, North Carolina, Oklahoma, Rhode Island, South Carolina, Texas, Virginia At Blue Cross & Blue Shield of Rhode Island (BCBSRI), diversity and inclusion are central to our core values and strengthen our ability to meet the challenges of today's healthcare industry. BCBSRI is an equal opportunity, affirmative action employer. We provide equal opportunities without regard to race, color, religion, gender, age, national origin, disability, veteran status, sexual orientation, genetic information and gender identity or expression. The law requires an employer to post notices describing the Federal laws prohibiting job discrimination based on race, color, sex, national origin, religion, age, equal pay, disability, veteran status, sexual orientation, and genetic information and gender identity or expression. Please visit https://www.eeoc.gov/employers/eeo-law-poster to view the "EEO is the Law" poster.