Product Security Analyst

Healthcare's helping hand.

CHG shook things up in 1979 by inventing the locum tenens staffing model.

We connect doctors with patients who need their care.

As the largest physician staffing firm in America, our providers treat millions of patients each year.

Our industry is growing and demand is high.

This means you'll have plenty of opportunities to grow and develop in your career.

Keeping healthcare healthy can be as fun as it is rewarding

Information Security & Privacy is looking for a Product Security Analyst to join our team.

The Product Security Analyst will establish Product risk management framework and governance processes across CHG Healthcare's multi-brand portfolio.

As a Product Security Analyst on the ISP team you will lead data classification initiatives, manage risk acceptance processes, and deliver executive security reporting.

This role will report to the Sr.

Manager Application Security.

Responsibilities


* Lead data classification initiatives across CHG's systems, ensuring proper handling of sensitive healthcare data


* Establish and manage formal risk acceptance processes with business teams, facilitating informed security decisions


* Develop and deliver monthly executive security risk reports with metrics and trending analysis


* Leverage AI tools to analyze security data, identify patterns, and generate actionable insights at scale


* Support roadmap deliverables focused on building risk management and governance capabilities

Qualifications

• Strong understanding of information security principles, risk assessment methodologies, and data classification

• Experience developing and presenting security metrics and reports to executive audiences

• Excellent analytical skills to synthesize complex information into clear recommendations

• Ability to creatively use AI tools to enhance analysis, reporting, and communication workflows

• Strong stakeholder management and communication skills across technical and business teams

Education & Experience

• 3+ years of experience in security analysis, risk management, or GRC (Governance, Risk, and Compliance) roles

• Bachelor's degree in Information Security, Risk Management, Business Administration, or related field, or equivalent work experience

Preferred

• Experience in healthcare or highly regulated industries

• Security or risk management certifications such as CISSP, CISM, CRISC, or CGRC

• Knowledge of HIPAA, SOC 2, ISO 27001, and other compliance frameworks

• Experience with GRC platforms (ServiceNow GRC, Archer, LogicManager, etc.)

We believe in fair compensation for all of our people, which is why our pay structure takes into account the cost of labor across U.S.

geographic markets.

For this position, we offer a pay range of $74,100 -- $143,300 annually, with pay varying depending on work location and job-related factors such as knowledge, position level and experience.

During the hiring process, your recruiter can pro...