Job Description

Posted: October-05-2016
Schedule: Full-time
Job ID: REQ20004348
The Senior IT Security Analyst will be responsible for performing information systems audit and assessment work related to the company’s HIPAA audit (NIST, application controls testing, etc.) as well as other information systems audits. Ensures that user community understands and adheres to necessary procedures to maintain compliance. Must be able to weigh business needs against security concerns and articulate gaps and remediation plans to management.
    • Performs HIPAA audits and other IT related reviews (NIST, PCI) as prescribed in the annual plan.
    • Identifies weaknesses in internal controls and opportunities to enhance operational efficiencies.
    • Tracks remediation of identified gaps noted in reports
    • Effectively communicates audit results, both verbally and in writing, so they are persuasive, placed in the appropriate context, and understood by the recipient
    • Assists project teams in the implementation of security measures to meet corporate security policies and external regulations, e.g., NIST, HIPAA and PCI.
  • Maintains appropriate security documentation for applications and systems.
    • Bachelor’s degree in computer related field
    • Five to eight years of relevant working experience; at least 3 years of experience in IT Security
    • Certification in information security (CISSP, CISM, or equivalent) preferred
    • Familiarity with external regulations, e.g., DIACAP, HIPAA, PCI; Strong understanding of information security principles; Familiarity with domain structures, user authentication, and digital signatures; Understanding of data communication networks; Experience with security tools and systems; PC skills including knowledge of Microsoft Office
  • Excellent organizational skills and ability to communicate with internal/external entities and executives a must; Effective leadership skills, demonstrated ability to coordinate people and teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities; Customer service-oriented; Ability to work in a flexible environment where requirements and procedures continuously evolve; Ability to multi-task and manage time effectively


Information Security prioritizes the protection and security of all client, patient and company information and data. They do this by proactively identifying the sophisticated landscape of threat actors and environmental risks associated with unauthorized access and service disruptions. This vital group focuses on preserving system reliability and business continuity, protecting the strong brand Express Scripts has in the marketplace, and maximizing the company’s defenses against external and internal threats.


Advance your career with the company that makes it easier for people to choose better health.
Express Scripts is a leading healthcare company serving tens of millions of consumers. We are looking for individuals who are passionate, creative and committed to creating systems and service solutions that promote better health outcomes.
Join the company that Fortune magazine ranked as one of the ‘Most Admired Companies’ in the pharmacy category. Then, use your intelligence, creativity, integrity and hard work to help us enhance our products and services.
We offer a highly competitive base salary and a comprehensive benefits program, including medical, prescription drug, dental, vision, 401(k) with company match, life insurance, paid time off, tuition assistance and an employee stock purchase plan.
Express Scripts is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. Applicants must be able to pass a drug test and background investigation.
Express Scripts is a VEVRAA Federal Contractor.