Governance, Risk and Compliance Analyst
Cone Health
The Governance, Risk & Compliance (GRC) Analyst will collaborate with process owners, internal auditors, external auditors, and other stakeholders in order to assist in reviewing, monitoring, and resolving cybersecurity risk. This includes helping the organization manage HITRUST, HIPAA and NIST Common Security Framework (CSF) audits and attestations. By supporting the implementation of internal and external assessments, responding to and managing the full lifecycle of compliance audits, and ensuring compliance with existing and emerging regulations and standards including SOC2, ISO 27001, PCI-DSS, SOX, and other GRC activities, the Principal GRC Analyst will also contribute to supporting the organization's IT compliance program.
Support the completion of risk and vulnerability assessments, validation testing, compliance reviews, and audits in accordance with NIST and HITRUST standards.
Maintain and monitor a central repository for all security risks and audit evidence.
Maintain security standards, policies, and practices on an annual basis to make sure they meet organizational and regulatory requirements.
Maintain a security awareness training program in order to educate associates about security compliance standards, risk management practices, and ethical behavior.
Collaborate with legal and compliance teams to ensure policies and security controls align with regulatory requirements.
Performs other duties as assigned.
EDUCATION: Required: Bachelor's Degree and/or equivalent experience
EXPERIENCE: Required: 3 years
LICENSURE/CERTIFICATION/REGISTRY/LISTING: Required: CompTIA Security+
Equal Opportunity Employer
At Cone Health, we strive to create a welcoming atmosphere that celebrates a diverse and unique workforce. We believe in offering equal opportunities for employment to all applicants and employees, regardless of their race, religion, age, sex, sexual orientation, gender identity, veteran's status, ethnicity, national origin, disability, color, or any other characteristic protected by law. Our hiring and employment choices are based on each individual's qualifications, skills and performance. We believe that by embracing the diversity of our team, we can better serve our patients, communities and each other.