Associate Security Analyst, Risk and Security

Press Ganey & Associates
279d$54,000 - $70,000Remote
Match Resume

About The Position

The Associate Security Analyst, Risk and Security is an individual contributor in PG Forsta's Risk and Security team and is responsible for reviewing and auditing controls that manage information risk and security. The duties of each member of the security team can fluctuate based on needs and risks, but this analyst will be primarily responsible for ensuring that the organization's security practices remain in compliance with all internal policies, pertinent laws and regulations, and client commitments. While this is not a primarily technical role, the analyst is expected to understand information security practices and technologies from an audit and compliance perspective. All analysts in the Risk and Security team are expected to contribute to the design, implementation, and governance of security policies and apply this knowledge to answering questions from internal teams, clients and auditors. Additionally, questions related to technologies, solutions, and processes that secure corporate applications, data, computers, and networks is answered based on documentations provided to the Risk and Security team. As a contributor to the team, this analyst will be expected to stay informed of information security practices, changes to the company environment and act as a trusted subject matter expert for the team.

Requirements

  • High School Diploma or equivalent
  • Background in audit and governance practices
  • Understanding of information security practices and technologies from an audit and compliance perspective

Responsibilities

  • Requesting, submitting and filing artifacts related to the completion of third-party audits including, but not limited to HITRUST CSF, SOC 2, ISO 27001, FedRAMP, TX-RAMP and contractually required frameworks
  • Responding to requests for information about the PG Forsta security program and the security of PG Forsta's products
  • Evaluating the security of PG Forsta vendors as part of the third-party risk management program
  • Work with external auditors to interpret audit requests into actionable requests and provide responses
  • Collect and review evidence of technical control implementation and report on deficiencies and control failure
  • Communicate significant control and compliance risk to management
  • Identify opportunities for improvement in response and evidence collection by consolidating audit requirements
  • Identifying areas that would support automating evidence collection
  • Supporting an ongoing audit-friendly culture
  • Collect and update information in the organization's Risk and Security knowledge repositories
  • Monitor and audit people, processes, and technology to ensure compliance with approved policies
  • Complete tasks associated with internal controls monitoring and report on collection difficulties or escalate to management as appropriate
  • Assist with the documentation of computer security and emergency measures policies, procedures, and tests
  • Work with Legal, Technology, and other business partners to communicate, translate and maintain controls that protect data and appropriately manage its lifecycle
  • Identify and communicate risks relating to PG Forsta data, systems, and personnel as discovered

Benefits

  • Base salary range from $54,000 to $70,000
  • Discretionary bonus or commission tied to achieved results
  • Competitive benefits package

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Entry Level

Industry

Professional, Scientific, and Technical Services

Education Level

High school or GED

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service