GoHealth Intro: As a leading health insurance marketplace, Go Health's mission is to improve access to healthcare in America. For customers, enrolling in a health insurance plan is confusing and difficult, and seemingly small differences between plans can lead to significant out-of-pocket costs or lack of access to critical medicines and even providers. We use our technology, agents, and expertise to cut through the confusion and get customers enrolled in a plan with the right coverage and benefits.
Why Apply? GoHealth has established a culture where our employees feel empowered, engaged, and inspired. We are looking for builders who will contribute to the company's long-term health. We also understand that you may not check every box in our requirements list, most applicants don't! In fact, frequently cited statistics show that women and underrepresented groups apply to jobs only if they meet 100% of the qualifications. GoHealth encourages you to break that statistic and to apply today!
About the role: As a Senior Security Analyst, you will be at the forefront of ensuring the security posture of our organization by performing comprehensive security reviews on various business projects. Your focus will include internal systems, vendor assessments, carrier evaluations, and business partner go-live processes. Additionally, you will play a key role in conducting recurring application reviews and implementing shift-left security methodologies to proactively address security concerns at earlier stages of development.
What You'll Do: Conduct thorough security reviews on internal systems, vendor assessments, carrier evaluations, and business partner go-live processes to identify potential security risks and vulnerabilities.Perform recurring reviews of applications to ensure ongoing compliance with security policies and standards, identifying and remediating security gaps as needed.Lead efforts to implement shift-left security methodologies, integrating security practices earlier in the development lifecycle to mitigate risks before they escalate.Collaborate closely with project teams, developers, vendors, and business partners to address security concerns and ensure security requirements are met throughout the project lifecycle.Document findings from security reviews and application assessments, and generate comprehensive reports for stakeholders, including recommendations for remediation.Provide security awareness training to internal teams and stakeholders to foster a culture of security awareness and best practices.Evaluate security tools and technologies to enhance security capabilities and support the implementation of security best practices.What We're Looking For: Proven experience in security analysis roles, with a focus on performing security reviews on business projects and application assessments.Strong technical background in security concepts, tools, and methodologies, with experience in implementing shift-left security practices.Strong understanding of regulatory and compliance standards, including HITRUST, NY DFS, CIS, NIST CSF, and SEC requirements.Excellent analytical and problem-solving skills, with the ability to identify and address security risks effectively.Strong communication and interpersonal skills, with the ability to communicate complex security concepts to technical and non-technical audiences.Demonstrated ability to collaborate effectively with cross-functional teams, vendors, and business partners to achieve security objectives.Relevant certifications such as CISSP, CISA, CEH, or similar are preferred.Bachelor's degree in a related field; advanced degree or relevant certifications are a plus.Location: Hybrid Benefits & Perks Open vacation policy 401(k) program with company match Medical, dental, vision, and life insurance benefits Flexible spending accounts Subsidized gym memberships Commuter and transit benefits Professional growth opportunitiesCasual dress code Generous employee referral bonuses Happy hours, ping-pong tournaments, and more company-sponsored events GoHealth is an equal opportunity employer. #LI-SI1
