Prime Therapeutics · 10 hours ago
Sr. IT Risk & Controls Analyst - Contract Negotiations - Remote
United States
Full-time, Contract
Remote
Mid, Senior Level
$94K/yr - $160K/yr
5+ years expPrime Therapeutics is a purpose-driven pharmacy benefit manager focused on connecting care for those they serve. They are seeking a Sr. IT Risk & Controls Analyst to lead the development and execution of processes ensuring IT compliance with various security requirements, while collaborating with cross-functional teams to support the Security Governance Risk and Compliance program.
Health CarePharmaceutical
No H1B
Responsibilities
Lead the development, implementation and enforcement of organization wide security standards, policies and procedures including organizational processes and metrics that monitor risk and controls and evaluating operational performance
Perform vendor security assessments and onsite audits to ensure adherence to contractual obligations, including negotiating appropriate security language in vendor agreements
Assure the management of IT audit action plan remediation
Develop and implement sustainment and monitoring processes to assure compliance with security requirements within HITRUST, SOC 1, SOC 2, HIPAA, and client contracts
Respond to client security assessments and RFPs, ensuring alignment with internal security policies and applicable regulatory requirements, and participate in client contract negotiations
Monitor and interpret state and federal cyber regulations (e.g. HIPAA, HITRUST, NIST, CMS, etc.), identify gaps, and recommend updates to security controls and frameworks
Provide leadership to guide Information Security program projects
Other duties as assigned
Qualification
Required
Bachelor's degree in an analytical discipline such as Computer Science, Finance, or Sciences or related area of study, or equivalent combination of education and/or related work experience; HS diploma or GED is required
5 years of experience in Information Security, Information Technology, Risk Management, Audit or Finance
Must be eligible to work in the United States without the need for work visa or residency sponsorship
Ability to manage and prioritize numerous time-critical tasks simultaneously and provide direction to professional staff
Strong analytical and critical thinking skills
Project and process management skills, including managing to project budgets and timelines
Knowledge of Governance, Risk and Compliance area topics
Solid understanding of regulatory requirements and security frameworks (PCI, HIPAA, SOC1, SOC2, HITRUST, NIST, etc.)
Working knowledge or experience with security practices, principles and controls
Leadership and mentoring skills
Preferred
Current industry-recognized security certification (CISSP, CISA, CRISC, CISM, etc.)
Master's degree in an analytical discipline such as Computer Science, Finance, or Sciences or related area of study
Experience developing and producing security metrics and reporting, communications and policies
Experience in a highly regulated industry, health care preferred
Experience conducting security assessments across a range of frameworks including PCI, HITRUST, SOC 1, SOC 2, HIPAA, ISO, NIST, and/or CoBIT
Experience responding to client RFPs and contract negotiations in the healthcare or public sector industries
Company
Prime Therapeutics
Prime Therapeutics is a trusted pharmacy solutions partner delivering savings, simplicity & support to our customers and members
5001-10000 employees
Funding
Current Stage
Late StageLeadership Team
Mostafa Kamal
President & Chief Executive Officer
Kenneth Bodmer
Chief Financial Officer
Recent News
2025-10-31
Company data provided by crunchbase