: InfoSec Risk Analyst – athenaShield (Information Security)
311 Arsenal Street
Watertown, MA 02472

Employee Testimonials

Office Tour Photos

Video

We are looking for a Lead for our Threat Intelligence team to work within our Information Security division athenaShield. This role will be a key piece of the security program at athenahealth. Your job will be to partner with the CISO and their leadership team to help strategize program direction, execute on key initiatives and programs, and measure and report on significant deliverables on behalf of the team. You will work closely with security leadership, security engineering, compliance, internal audit, infrastructure, development, and operational teams. This role reports the Executive Director of Threat and Vulnerability Management. But enough about us; lets talk about you.

You can effectively collaborate with both engineer level stakeholders and senior leaders. You make good (and timely) decisions that keep the organization moving forward. You are a confident presenter with clear executive presence and can effectively speak to C-level audiences. You influence without authority. You motivate peers to engage in collaborative and efficient ways to meet team and company objectives. You possess the ability to gather and define requirements for successful goal and deliverable expectations. You remain positive in challenging situations!

The Team: athenaShield is the team within athenahealth responsible for defining and driving the cybersecurity and resilience strategies.

Job Responsibilities

  • Collaborate with security engineering and business/product stakeholders to identify security risks and make recommendations to mitigate those risks
  • Own and manage athenahealths vulnerability management program, which includes
  • Identifying vulnerabilities (through network scans, pen testing, etc.) and misconfigurations
  • Assessing and coordinating assessments of findings
  • Facilitating the operations behind follow-up on old findings
  • Reporting on the state of the program to relevant stakeholders
  • Representing the program for 3rd party audits
  • Support and engage with our client RFP team to enable athenahealths ability to answer client and prospective clients security questions
  • Coordinate and manage due diligence efforts - including Mergers & Acquisition and Vendor assessments
  • Design and improve processes to enable the security team to run effectively and enables our (internal) customers to engage with the security team as needed
  • Manage policy and procedure creation and maintenance
  • Report on initiatives the security team is working on to both team leadership as well as athenahealth stakeholders - this includes using various tools to help visualize the reporting in meaningful ways depending on the stakeholder
  • Act as the liaison between security and various internal stakeholder teams (e.g. Corporate Development)
  • Drive efforts for security initiatives and projects to meet deadlines and deliver value to the company - this includes defining the definition of done for such projects
  • Actively participate in security leadership, strategy, and goal setting discussions
  • Facilitate the security portion of the enterprise risk program - including identifying risk appetite, conducting assessments, facilitating updates for mitigation plan and/or risk acceptance criteria and reporting

Typical Qualifications

  • 4+ years overall professional experience, inclusive of a minimum of 5 years of product/project/program management experience
  • Experience or a strong interest in Cybersecurity, Information Security
  • Experience in facilitating or managing risk assessments (e.g. threat modeling, pen testing)
  • Experience working with Agile (Scrum) teams is a plus
  • Experience with using Archer, Jira, ServiceNow, Confluence is a plus
  • Experience with security certifications and assessment is a plus - including: PCI-DSS, HITRUST

About athenahealth

  • Our Vision: To create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.
  • Our Location: This role is based in Watertown, MA, just a few miles outside of Boston. Watertown is our Global Headquarters and our campus, the Arsenal on the Charles, is home to several restaurants, a local gym and large outdoor space. This office also has a cafeteria, coffee caf and food trucks that rotate every day.
  • Our Culture: At athenahealth, our employees (or athenistas) are committed to making healthcare smarter. Our success is dependent on the diversity, collective spirit, and contributions of our people, clients and partners. We value teamwork and believe that the strength of our team comes from supporting each other and leveraging our specialized skills. If you are looking for a company that will enable you to work outside of your comfort zone to transform the healthcare ecosystem, athenahealth is the place for you.
  • Our Perks: Along with health & financial benefits, our athenistas are offered a variety of perks that promote employee wellbeing such as commuter support, collaborative workspaces and dog-friendly offices - just to name a few.
Full-time

Employee Testimonials

Olivia Adams
Lead Member Of Technical Staff

“I enjoy working at athenahealth because I am making something that matters.  My passion isn’t writing code - it’s what writing code enables me to do, which is make something for other people.  And there’s no nobler cause than healthcare.”

 

Sherry Cheuk
Product Operations Manager

“athenahealth has a mission to transform healthcare, which is something I really admire.  Every company out there is trying to grow, but I think our focus on making an impact and delivering value is really powerful.  Our work is about improving people’s lives.”