Senior Governance Risk Compliance Analyst

About The Position

Requirements

• Bachelor's degree in related field required
• An equivalent combination of experience and education will be considered in lieu of a bachelor's degree
• Four (4) years of IT Security or Audit experience required
• Experience in managing and accessing information security risks required
• Detailed knowledge of HIPAA, NIST, PCI, HITRUST, SOC required
• Experience with enterprise level identity management to support trusted interactions between disparate entities required

Nice To Haves

• Healthcare experience preferred
• CISSP, CISM, CRISC, or CISA preferred

Responsibilities

• Maintain program trackers and controls performance for IT Security, ensuring that operational controls, procedures, and resources are documented effectively to manage risk across all enterprise assets including on-prem, COLO, and cloud resources IT Control Testing & Control Health
• Complete assigned IT controls on pre-defined intervals (including ad hoc, daily, weekly, monthly, quarterly, and yearly), ensuring the health of all IT controls, and manages corrective action plans needed to address any control gaps, weaknesses, or failures
• Contribute to compliance audits and assessments by delivering detailed documentation, supporting evidence, and insights related to IT risk management and control activities
• Ensure customer compliance commitments are always met, and support all interactions with customer audits of our program
• Ensure assigned policies and procedures meet audit requirements and periodically update deadlines
• Conduct training and knowledge transfer on the execution of audit related control execution for end users and management
• Support the analysis of complex systems, applications, and processes to evaluate security vulnerabilities and potential threats
• Document the organization's IT assets, maintaining the integrity and confidentiality of sensitive information
• Conduct comprehensive risk assessments of IT systems, networks, and applications to identify potential vulnerabilities and threats
• Support the development of and oversee the execution of risk and exception mitigation strategies and action plans to address identified vulnerabilities and gaps in security controls
• Provide expert guidance and recommendations on security governance best practices, configurations, and system hardening techniques
• Participate in lessons learned to enhance GRC processes and prevent recurrence of exceptions
• Collaborate with internal audit, legal, and compliance teams to address high-level risk-related inquiries, requests, and reporting requirements
• Lead additional projects and perform other duties as assigned

Benefits

• health and dental insurance
• tuition reimbursement
• 401(k) with company match
• pet insurance
• no-cost-to-you vision insurance for you and your qualified dependents