BrightSpring Health Services

The Risk & Compliance team is essential to the success of BrightSpring’s Information Security Program.

 

We’re all about risk and strategy: We start with a risk based approach to understand what to take action on and why; Build organizational alignment and communicate the standardized approach to address risk; Mobilize risk remediation by identifying, coordinating and applying the resources (people, process, and technology) needed for action; Then we formalize the new and enhanced controls to help us understand the effect of change on risk so that we can continue to iterate and improve.

• Proactively monitors the threat landscape and current controls to evaluate the effectiveness of the security tools and works with internal and external stakeholders to implement appropriate safeguards and controls
• Develop and implement security controls to reduce the likelihood and impact of security incidents
• Assists in performing risk assessments of internal and external applications/solutions to determine their adherence to security controls, BSH’s policies, standards and industry best practices, and maintains ongoing safeguards and access controls
• Performs audits on processes to ensure compliance with security policies, procedures and best practices
• Assists in updates to enterprise information security policies, technical standards, guidelines, and procedures necessary to support information security in compliance with established company policies, regulatory requirements, and generally accepted information security controls
• Makes recommendations on IT security administration issues, coordinating with users to determine requirements, and ensuring system improvements are successfully implemented and monitored, finding ways to increase efficiency
• Assesses current and planned applications and systems, identifying security protection issues and proactively identifying and modifying controls to protect against sophisticated cyber- attacks
• Collaborates across the organization and with external parties to remediate security gaps
• Communicates security risks and solutions to business partners and IT staff as needed
• Stay up-to-date on the latest security threats and trends
• Formulate security configuration and operational standards for IT systems/applications
• Design and develop internal controls to mitigate security risks and related opportunities for internal controls improvement
• Work with other IT staff to ensure the security of the organization's systems and data
• Help in security incidents resolution

• Three or more years of experience in security risk analysis or a related field
• Strong understanding of security principles and best practices
• Experience with security tools and systems
• Experience in IT security in a healthcare environment
• Excellent analytical and problem-solving skills
• Excellent written and verbal communication skills
• Ability to work independently and as part of a team

BrightSpring Health Services provides complementary and integrated home- and community-based pharmacy and health solutions for complex populations in need of specialized and/or chronic care. Through the Company’s service lines, including pharmacy, home health care and primary care, and rehabilitation and behavioral health, we provide comprehensive care and clinical solutions in all 50 states to over 400,000 customers, clients and patients daily. For more information, visit www.brightspringhealth.com. Follow us on Facebook, Twitter and LinkedIn.