Senior Security Compliance Analyst

Centene Corporation

About The Position

You could be the one who changes everything for our 28 million members. Centene is transforming the health of our communities, one person at a time. As a diversified, national organization, you’ll have access to competitive benefits including a fresh perspective on workplace flexibility. Position Purpose: Develops, monitors, maintains and improves the enterprise security program. Assists in the compliance of enterprise security initiatives and creates reports that will impact decisions made at both the executive and Board levels. Mature and automate processes, where possible, to manage security risk including. Maintain awareness of existing and proposed enterprise security policies and standards. Provide support in security policy and standard development. Identify regulatory changes that will affect information security policies, standards and procedures, and recommends appropriate changes. Support security control owners with control design and implementation Lead the design, evaluation and oversight of controls for key security and security IT projects, programs, applications and systems, e.g. the Enterprise Control Framework Partner to ensure appropriate corrective actions for data security incidents. Partner with Information Security, Business Continuity, Vendor Management, Information Technology, Risk Management, Audit, and Privacy Officer to ensure appropriate follow up and closure of findings and issues are completed. Perform assigned tasks within the GRC tool (Archer) within the defined SLAs. Perform related duties as assigned or requested, including security metrics reporting and information security process improvements. Performs other duties as assigned. Complies with all policies and standards.

Requirements

Bachelor’s degree in Information Security, related field, or equivalent experience required.
4+ years of experience with security domains required.
Knowledge of NIST 800-53, HITRUST, and ISO 27001 required.

Nice To Haves

CISA, CGEIT, CRISC, CISM, or CISSP preferred

Responsibilities

Develops, monitors, maintains and improves the enterprise security program.
Assists in the compliance of enterprise security initiatives and creates reports that will impact decisions made at both the executive and Board levels.
Mature and automate processes, where possible, to manage security risk including.
Maintain awareness of existing and proposed enterprise security policies and standards.
Provide support in security policy and standard development.
Identify regulatory changes that will affect information security policies, standards and procedures, and recommends appropriate changes.
Support security control owners with control design and implementation
Lead the design, evaluation and oversight of controls for key security and security IT projects, programs, applications and systems, e.g. the Enterprise Control Framework
Partner to ensure appropriate corrective actions for data security incidents.
Partner with Information Security, Business Continuity, Vendor Management, Information Technology, Risk Management, Audit, and Privacy Officer to ensure appropriate follow up and closure of findings and issues are completed.
Perform assigned tasks within the GRC tool (Archer) within the defined SLAs.
Perform related duties as assigned or requested, including security metrics reporting and information security process improvements.
Performs other duties as assigned.
Complies with all policies and standards.