This site uses cookies. To find out more, see our Cookies Policy

Lead Security Analyst (Hi-Trust) in Southfield, MI at AF Group

Date Posted: 3/9/2018

Job Snapshot

Job Description


The Lead Security Analyst/Auditor will provide overall support and implementation for the information security compliance program. The Lead Auditor will help the company achieve HiTrust certification and assist in SOC 2 certification. This position will also assist in developing and implementing security policies and procedures, as well as coordinating security governance activities, coordinating compliance activities and facilitating metrics reporting.


  • Perform onsite HiTrust security activities (lead onsite HiTrust resource)
  • Facilitate information security governance activities
  • Collect and track compliance and audit findings to ensure remediation is completed
  • Collect security metrics from relevant areas and facilitate metrics reporting
  • Create and revise information security standards, baselines, procedures, and processes that support enterprise security programs
  • Work with business and technical subject matter experts in IT to clarify changes to Information Security requirements
  • Manage and control document quality to ensure the accuracy of approved content, format and grammatical requirements for all publications
  • Develop required documentation for policy release activities
  • Participate in company projects requiring information security policy guidance
  • Coordinate policy review and policy exception meetings and communicate decisions
  • Administer and improve the security exception process
  • Provide support for information security awareness activities
  • Develop, maintain and provide general support for all Information Security SharePoint sites
  • Develop strategies to organize and consolidate relevant information from various locations to facilitate navigation of SharePoint sites.
  • Develop and maintain a document retention program for Information Security

    This position description identifies the responsibilities and tasks typically associated with the performance of the position. Other relevant essential functions may be required.




    Bachelor's degree in a related field. Relevant combination of education and experience may be considered in lieu of degree. Professional security or auditing certifications a plus: CISSP, CISA, GIAC, SSCP, CIPP, CIA. Continuous learning, as defined by the Company's learning philosophy, is required. Certification or progress toward certification is highly preferred and encouraged.


    5 years related experience in IT Audit and/or Compliance; experience in Healthcare or Insurance preferred. Experience managing IT Compliance activities in a complex environment. Security administration or IT Audit experience.

    Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled