Skip Navigation

Business Information Security Analyst

Requisition Number 21-93 Job Location Brentwood, Tennessee

Welcome to the new standard of healthcare! 

Premise Health is the world’s leading healthcare access provider. We deliver purpose-driven career experiences in a culture-centric work environment—ensuring that employees at the nation's best companies get, stay, and be well. In a changing healthcare environment, we know there's a better way for organizations to help their people live healthier lives by delivering the right care at the right time, right where they work. Partnered with visionary organizations around the globe, we offer a broad range of healthcare services and deliver an effortless patient experience that raises the bar, lowers costs, and redefines the meaning of quality care. By shifting the conversation from cost to return and from treatment to prevention, we are committed to help people, their families, and the organizations they work for be at their best.

We are looking for a GRC Business Information Security Analyst to work at our Corporate office in Brentwood, TN! If you possess a “whatever it takes attitude” keep reading.

It’s hard to pinpoint a “typical” day here (and who wants typical anyway?), but as a member of Premise Health’s IT Governance, Risk, & Compliance (GRC) team, the GRC Business Information Security (BIS) Analyst supports the organization’s growth and strategy functions by working with the GRC BIS Manager to align organizational goals and objectives with security obligations (e.g. factoring security considerations into new business ventures). The GRC BIS Analyst analyzes information, identifies risks, and recommends solutions to management.

What You’ll Do for Us:

  • Operationalizes and maintains (or assists in the smooth transfer of when appropriate) BIS programs and governance processes
  • Helps the risk management program meet the organization’s strategic goals and comply with applicable laws and standards
  • Analyzes business goals and security requirements for new technology
  • May be involved in security authorization processes of newly acquired or developed systems, application software, devices, etc.
  • May be involved in aligning new product and/or line of service initiatives to delivery requirements, risk constraints, and expectations of the client market
  • Calculates security and business risks from product and line of service strategy through development
  • Presents risks to management through operationalized BIS programs
  • Collaborates with technical teams (e.g. corporate compliance, internal auditing and corporate risk management) during the strategic planning and implementation of new business initiatives
  • Educates leadership, staff, and associates on procedures related to risk management, safety, security, and quality improvement


  • Bachelor’s degree from an accredited university or equivalent work experience
  • CISA or CISSP preferred.
  • PMP certification a plus.


  • 2-4 years of experience in IT security/risk management, project management, or implementations (IT, healthcare, or federal sectors are pluses)

Knowledge and Skills:

  • Strong working knowledge of key compliancy regulations and requirements (e.g. PCI-DSS, HIPAA, HITRUST)
  • Ability to understand data flows, data ownership, and data governance requirements
  • Ability to work with teams and management on complex projects
  • Ability to work in a team-oriented, collaborative environment
  • Ability to learn and research new concepts, ideas, and technologies quickly
  • Ability taking a concept from idea to completion
  • Strong working knowledge and application of Microsoft Office Suite (Word, Excel, PowerPoint, SharePoint)
  • Exceptional written, presentation and oral communication skills
  • Knowledge of emerging trends tools, methodologies and best practices in information technology and security
  • Knowledge of IT risk controls and compliance frameworks (e.g. SOC2, ISO 27001, NIST 800 series, ITIL)
  • Knowledge of risk management theory, industry best practices, and quality frameworks (e.g. ISO, Lean Six Sigma, CMMi and ITIL)

What We’ll Do for You:

At Premise Health, you’re not an employee – you’re a team member. We have health centers, pharmacies, fitness centers and offices scattered across the country, but we’re all working together to deliver exemplary and delightful service to our clients, their employees and family members. We’re proud of the culture we’ve built, and we aim to assist our team members in living their best life – in and out of the workplace. That’s why you’ll find us taking a yoga class together or starting a book club. We know that we can only help people get, stay, and be well if we do the same for ourselves. We’re also not afraid to share what we’re up to – check out some of our smiling faces.

As an employer, we want to compensate you for the work you do with more than a paycheck (although you’ll get one of those too). Premise Health offers competitive benefits packages including medical, dental, vision, life insurance, 401(k), paid holidays and vacation time, and a company-sponsored wellness program. We are an equal opportunity employer of nice people and value inclusion at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Apply Now

Recently Viewed Jobs

You have not recently viewed any jobs

Job Alerts Sign up

Join our talent network and receive job alerts based on your criteria below.

Sign Up

1Search for a category and select one from the list of suggestions. Select a location from the list of options. Leaving this field as is will select all location options. Finally, click “Add” to create your job alert.

Life at Premise Health

Jobs For Veterans

We’re committed to making your transition to Premise Health simple.

Learn More

Our Culture

We've built a remarkable corporate culture around innovation.

Learn More


We want you to get the most from your health and wellness benefits program.

Learn More