Senior Information Security Analyst (HIPAA / GRC ) (US, Field)

Work from home Full-time role Hiring

Life. Unlimited. At Smith+Nephew we design and manufacture technology that takes the limits off living. Join us as an Information Security Compliance Analyst and play a key role in shaping and delivering our annual HIPAA programme. This is an opportunity to work closely with leaders across Governance Risk and Compliance, with support and guidance from senior experts while owning essential programme activities that help protect our patients, people and systems. What will you be doing? In this role, you will become the driving force behind the annual HIPAA programme. You will plan the programme’s schedule, coordinate with a wide range of partners, and keep everything running smoothly throughout the year. You will oversee the annual Security Risk Assessment, shaping its scope and collaborating with third party specialists to ensure it is delivered effectively. You will also carry out security assessments on IT systems, follow a structured process to record outcomes and track actions, and keep our documentation and workflows in OneTrust consistently updated. Along the way, you will monitor changes in HIPAA law, support updates to internal policy, and bring insights and recommendations forward to leadership and the Steering Committee. Success in this position comes from blending hands‑on security experience with strong organisation and leadership skills. You enjoy helping a programme run on schedule, working with multiple teams, and being trusted by stakeholders to keep things moving. You can translate security controls into clear activities, understand how they are applied in practice, and turn complex challenges into structured actions. You bring a continuous improvement mindset and a readiness to contribute to the growth of the HIPAA programme year after year. What will you need to be successful? Education: Bachelor´s degree in Computer Science or related subject preferred. Certifications: Privacy or Security certifications would be advantageous but are not essential e.g. any HIPAA certification (CHPS, CHSE, CHPSE, CIPP/US), CISA, CISSP, ISO27001 or equivalent. Experience: At least 5 years in Information Security, some of which should be in a compliance function. At least 2 years working on HIPAA compliance is required. At least 3 years in Program or Project Management. Prior experience of Privacy Law related Security Controls compliance would be very well received. Experience deploying and assessing Information Security controls, ideally aligned to frameworks such as HIPAA, GDPR TOMS, ISO27001, HiTrust or NIST. Familiarity with tools such as OneTrust or IT risk management platforms, or the ability to learn them quickly. Travel Requirements: Apply To This Job

Apply

Senior Information Security Analyst (HIPAA / GRC ) (US, Field)

More remote roles to explore

Cloud Architect Manager

Operations Data Analyst- Insurance

Staff AI Engineer

Registered Nurse/ Nurse Consultant I

Clinical Scientist - Clinical Surveillance & Training (Clinical Psychologist/Neuropsychologist - Must Have)

Assessment Scientist CST (Masters or PhD in Psychology)

Collections Specialist

Global Head, Regulatory Affairs – Labeling (PDx)

Buyer Senior

High School Health Science CTE Teacher

Experienced Virtual Assistant – Data Entry, App Testing, and Online Project Support

Senior Tax Manager (Remote!)

Scheduling & Reservations Specialist

Sr. Manager - Software Development

Convenient Part-Time Online Jobs for College Students: Daily Mobile & Laptop Earnings

Desenvolvedor NetSuite - Remoto

Software Account Executive | SMB Retail

Remote Live Chat Specialist – Real‑Time Audience Engagement & Community Management for arenaflex Entertainment Productions

Intermediate Clinical Informaticist

PathConnexx Externship - Anatomic Pathology (North America)