Information Security Analyst II Remote-Centric Hybrid, Nashville, TN Company Overview AMSURG is a nationally recognized leader in the strategic and operational management of ambulatory surgery centers with medical specialties ranging from gastroenterology to ophthalmology and orthopedics. With more than 250 surgery centers across the U.S., we partner with physicians and health systems to deliver the highest standards of patient care and quality. For more information, please access our website: https://www.AMSURG.com/. Through AMSURG, our clinician-led organization is changing the face of healthcare by delivering high-quality care that puts the patient first. AMSURG's core values drive continual advancement and ingenuity across the enterprise: * Be Curious-embrace learning, seek out diversity of thought, listen openly, ask questions, and ask for feedback * Instill Trust-have the hard conversation, presume good intent, honor commitments, and do the right thing for patients and each other * Pursue Extraordinary-challenge the status quo, champion change, innovate and constantly aim higher * Care Deeply-serve patients, partners, communities, and each other with empathy, compassion, and respect * Embrace Teamwork-work cross-functionally, break down walls, develop others, be inclusive and unite to improve patient health * Inspire Joy-seek fulfillment and the joy of medicine, appreciate others, celebrate wins, and promote wellness and belonging Benefits: At AMSURG, we offer benefits at the speed of your life. Our wide range of health and welfare benefits allow you to choose the right coverage for you and your family. Qualifying employees are eligible to enroll on the 1st of the month, following 30 days of employment. AMSURG offers a variety of health and welfare benefit options to help protect your health and promote your wellbeing. Benefits offered include but are not limited to: Medical, Dental, Vision, Life, Disability, Healthcare FSA, Dependent Care FSA, Limited Healthcare FSA, FSAs for Transportation and Parking & HSAs, and a matching 401(K) Plan. Paid Time Off: AMSURG offers paid time off, 9 observed holidays, and paid family leave. You accrue Paid Time Off (PTO) each pay period and depending on your position and can earn a minimum of 20 days and up to 25 days per calendar year. POSITION SUMMARY: The Information Security Analyst II assists with defining, refining, audit, and enforce policies, standards, and procedures within IT, partnering with corporate Internal Audit, Privacy, Compliance and Finance. Also, ensure Security Awareness throughout the enterprise to ensure employees understand the importance of the role they have in ensuring the alignment to controls and security awareness to the organization. WORK SCHEDULE: This position is offered on a Remote-Centric Hybrid basis with the expectation that you will be able to come to our AMSURG office in the Green Hills section of Nashville for quarterly planning meetings and annual full team strategy meetings. ESSENTIAL RESPONSIBILITIES: * Perform assessments of security controls and processes to identify gaps and support the implementation of appropriate mitigations. * Assist with aligning and driving controls implementation to show how they are mitigating information security risk. * Participate in the development and oversight of required corrective action plans relating to security compliance issues. * Assist control owners with the preparation and ongoing maintenance of control documentation (e.g., policies, procedures, narratives, and matrices). * Monitor, Identify, research, and evaluate new compliance requirements. * Understand the security requirements of internal and external stakeholders, regulators, and auditors. * Work with business owners on remediation plans that address identified gaps. * Coordinate work assignments with control owners and external auditors. * Assist with daily compliance activities and functions such as detail status of current assessments, audits, and related activities, creating and maintaining security reports/dashboards, etc. * Assist with Security Awareness throughout the Enterprise. * Work with the Training organization to ensure training is distributed and tracking of completion of the training within the appropriate timeframe. * Adhere to all company policies and procedures, including Information Security Policies and ensure that AMSURG remains as secure as possible. * Regular and reliable attendance is required. * Other duties as assigned. KNOWLEDGE AND SKILLS: To perform this job successfully, an individual must be able to perform each essential responsibility satisfactorily. The requirements listed below are representative of the knowledge, skills and/or abilities required: * Able to communicate complex security risks to non-technical staff. * Strong verbal and written communication skills and ability to influence others. * Ability to use independent judgment to make sound decisions and take action to solve problems. * Able to plan, organize, prioritize, work independently, and meet deadlines. * Ability to work in a collaborative, team environment. * Strong communication skills, interpersonal skills, and presentation skills that allow effective interactions/communications with executives, and business partners across regional and/or functional lines including the cascade of knowledge to the operating level. Education/Experience: * Bachelor's degree from a technical school or an accredited college or university in Business, Sciences, Information Technology, or an equivalent major. * Three (3) to five (5) years of IT compliance and security awareness experience, identifying and remediating security threats and risks. * Demonstrated experience working with regulatory requirements and standards (PCI-DSS, SOC, ISO, BSI, GDPR etc.) and frameworks (ISO, NIST, OWASP, etc.). * Demonstrated experience identifying, assessing, and mitigating regulatory and compliance risks. * Technical understanding of cloud infrastructure, networking, access controls, and change management. * Strong analytical and problem-solving skills, with demonstrated intellectual and analytical rigor. * Detailed knowledge of how operational controls are implemented to meet compliance needs. * Skilled at preparing and presenting compliance and risks reporting at all levels of the company, from operational efforts through Executive level presentations. * Experience working with CISSP/CISM/CISA, CoBIT, and ISO31000; Certifications preferred. We are an Equal Opportunity Employer. We do not discriminate in practices or employment opportunities on the basis of an individual's race, color, national or ethnic origin, religion, age, sex, gender, sexual orientation, marital status, veteran status, disability, or any other prohibited category set forth in federal or state regulations. Must pass a background check and drug screen. #LI-CP1