
Senior Analyst Information Security

Date:  Jun 26, 2022
Brand:  EyeMed Vision Care

Mason, OH, US, 45040

Requisition ID: 644322 
Total Rewards: Benefits/Incentive Information


There’s more to EyeMed than meets the eye. EyeMed is the fastest growing managed vision benefits company in the country with consistent double-digit membership growth! Through our commitment to innovation, we’re reimagining the way employers and their employees think about vision care. We want them to see life to the fullest and experience more of what’s best, not more of the same.  And if what’s best hasn’t been done yet, it’s our exceptional and passionate employees driving this change. But, our passion for vision isn’t just about vision insurance benefits. Our employees are proud to support and participate in life-altering global and local missions through our partnership with OneSight, a leading not-for-profit organization with a 100% focus on eradicating the world’s vision crisis.


Your family says a lot about who you are. EyeMed is a key member of the Luxottica family of companies, global leaders in the design, manufacture and distribution of fashion, luxury and sports eyewear.  In North America, Luxottica is the home to global brands Ray-Ban, Oakley and many top fashion house brands.  Our leading retail brands include LensCrafters, Sunglass Hut, Pearle Vision, and Target Optical.


If you’re passionate about driving innovation and change and interested in a career in the optical and insurance industry, EyeMed wants to start the conversation and help provide you a growth-focused opportunity with America’s fastest growing vision benefits company.


The Security Analyst will support the information security team in governance, risk, and compliance initiatives and perform risk responses (acceptance or mitigation) for Management and external Client inquiries that illustrate how the organization is enforcing established security controls related to data protection and risk management. The analyst will also ensure compliance with the policies and procedures necessary to ensure the security of information system assets and to protect them from intentional or inadvertent access, disclosure, or destruction in accordance with company policies and external requirements such as HIPAA, HITRUST, SSAE-18 and PCI. The analyst will coordinate security awareness efforts for the organization.



  • Analyze vulnerability assessment data to identify technical risks to the organization
  • Support the identification and impact classification for new vulnerabilities identified
  • Execute and support vulnerability assessments, penetration testing and social engineering activities
  • Provide the Information Security and IT Security team information on the emerging cyber threat landscape, including threat actor tactics, techniques, and procedures
  • Support the Information Security (IS) team in achieving the vision and strategic objectives of the function
  • Support leadership to identify capability gaps in vulnerability management services
  • Conduct analysis and aggregation of vulnerability data from various sources
  • Manage and utilize IS tools such as DLP, Code scanner, external security profile, etc. to analyze gaps in security controls
  • Participate in the IT SDLC program to ensure that security is included in projects by default and by design
  • Develop strong working relationships with other departments and potentially clients across the organization to ensure a high degree of security compliance and client satisfaction
  • Brief IS leadership on vulnerability assessment results and potential risks
  • Continue self-development of knowledge, skills and abilities to better support execution of the IS function



  • Bachelor’s degree in computer science, IT or equivalent work experience
  • 3+ years of experience in IT or IS
  • Experience with major standards such as: SOC 1-2, ISO 27001/2, PCI DSS, HITRUST, SANS, NIST
  • Demonstrated experience in implementing compliance frameworks for a financial services organization or organizations with similar information security needs and requirements
  • Familiarity with and understanding of a broad range of IT hardware and software products
  • Strong project management skills
  • Excellent presentation, verbal communication, and written skills
  • Excellent analytical and problem-solving skills
  • Experience managing typical enterprise security and intrusion detection systems
  • Ability to work in a collaborative environment across business and technology teams



  • Certified Information Systems Security Professional (CISSP), PCI DSS, Certified HIPAA Privacy Security Expert (CHPSE), Certified Information Security Manager (CISM), Global Information Assurance Certification (GIAC), or related.
  • Experience with or knowledge of healthcare or health insurance
  • Knowledge of CMS and HIPAA related vendor requirements
  • Working knowledge of Security SDLC tools

Upon request and consistent with applicable laws, Luxottica will provide reasonable accommodations to individuals with disabilities who need assistance in the application and hiring process.  To request a reasonable accommodation, please call the Luxottica Ethics Compliance Hotline at 1-888-887-3348 (be sure to provide your name and contact information so that we may follow up in a timely manner). 

We are an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, gender, national origin, social origin, social condition, being perceived as a victim of domestic violence, sexual aggression or stalking, religion, age, disability, sexual orientation, gender identity or expression, citizenship, ancestry, veteran or military status, marital status, pregnancy (including unlawful discrimination on the basis of a legally protected pregnancy or maternity leave), genetic information or any other characteristics protected by law.  Native Americans receive preference in accordance with Tribal Law.

Nearest Major Market: Cincinnati
