Remote, USA
2 days ago
Sr. Security Specialist - Compliance
**Details**

+ **Department:** Security
+ **Schedule:** Full-Time, Monday - Friday, 8-5pm CT
+ **Location:** Remote

**Benefits**

+ Paid time off (PTO)
+ Various health insurance options & wellness plans
+ Retirement benefits including employer match plans
+ Long-term & short-term disability
+ Employee assistance programs (EAP)
+ Parental leave & adoption assistance
+ Tuition reimbursement
+ Ways to give back to your community

_*Please note, benefits and benefits eligibility can vary by position, exclusions may apply for some roles (for example: Travel, PRN, Short-Term Option, etc.). Actual compensation offer will vary based upon role, education, experience, location, and qualifications. Connect with your Talent Advisor for additional specifics._

**Responsibilities**

**Job Summary:**

The Sr Security Specialist will be responsible for overseeing compliance initiatives, managing cybersecurity risk, and ensuring that our company meets industry standards and regulatory requirements. As the Cybersecurity Compliance Lead, you will be responsible for managing and executing cybersecurity compliance programs across the organization. This includes ensuring adherence to industry frameworks (such as NIST, ISO 27001, SOC 2), regulatory requirements (such as GDPR, HIPAA, CCPA), and internal policies. In this role, you will be responsible for leading and overseeing our cybersecurity compliance efforts across all company systems, ensuring adherence to industry standards and regulations, and working closely with internal teams and external auditors to maintain a robust security posture. As the Cybersecurity Compliance Sr Specialist, you will be integral to the development, implementation, and maintenance of cybersecurity policies, frameworks, and processes that support a secure and compliant environment. This is an exciting opportunity for someone with deep expertise in cybersecurity, risk management, and regulatory compliance to shape and guide our organization’s security strategy.

**Key Responsibilities:**

+ **Compliance Management:**
  + Lead efforts to ensure compliance with key cybersecurity regulations and frameworks, such as MITRE ATT&CK, NIST, HIPAA, PCI-DSS, SOC 2, ISO 27001, and others.
  + Coordinate audits and assessments with internal and external auditors to validate compliance with cybersecurity policies and regulatory requirements.
  + Identify gaps in compliance and lead remediation efforts to address deficiencies.
+ **Policy and Framework Development:**
  + Develop, implement, and maintain cybersecurity policies and procedures in alignment with best practices and regulatory standards.
  + Stay current on cybersecurity laws, regulations, and industry trends to ensure the organization remains compliant with evolving requirements.
+ **Risk Management:**
  + Conduct risk assessments and support the development of risk management strategies to reduce security risks.
  + Work closely with AT, legal, and other departments to assess, document, and mitigate risks related to cybersecurity compliance.
+ **Training and Awareness:**
  + Provide training and awareness programs for employees to ensure an understanding of cybersecurity compliance requirements and best practices.
  + Serve as the primary point of contact for internal and external stakeholders regarding cybersecurity compliance inquiries.
+ **Reporting and Documentation:**
  + Prepare and deliver reports on cybersecurity compliance status, audit findings, and remediation efforts to executive leadership.
  + Maintain comprehensive documentation of compliance efforts, audit results, and corrective actions.

**Experience:**

+ 8+ years of experience in cybersecurity compliance, risk management, or related fields.
+ Strong knowledge of cybersecurity regulations, frameworks, and industry standards (e.g., NIST CSF, ISO 27001, SOC 2, HIPAA, PCI-DSS).
+ Proven track record in leading audits, assessments, and compliance efforts for large-scale organizations.

**Skills & Abilities:**

+ Expertise in cybersecurity governance, risk, and compliance (GRC) processes.
+ Strong analytical skills with the ability to assess and interpret complex regulatory requirements.
+ Excellent communication and leadership skills, with the ability to collaborate across departments and with external auditors.
+ Ability to prioritize and manage multiple compliance initiatives simultaneously.

**Technical Skills:**

+ Familiarity with GRC tools and platforms.
+ Understanding of IT systems, cloud security, data privacy, and related technologies.

**Preferred Qualifications:**

+ Certifications such as CISSP, CISM, CISA, CRISC, or similar are highly desirable. If a candidate does not currently have a security certification, one must be obtained within the first 6 months of employment.
+ Experience working in highly regulated industries such as healthcare, finance, or government is a plus.

**Working Conditions:**

Full-time position with potential after-hours or weekend work as needed to manage and support the cybersecurity team.

**Requirements**

Education:

+ High School diploma equivalency with 2 years of cumulative experience OR Associate's degree/Bachelor's degree with 1 year of experience OR 5 years of applicable cumulative job specific experience required. 2 years of leadership or management experience preferred.

**Additional Preferences**

Bachelor’s degree in Cybersecurity, Information Technology, or related field. Advanced certifications (e.g., CISSP, CISM, CISA, ISO 27001 Lead Auditor) are highly preferred.

**Why Join Our Team**

When you join Ascension, you join a team of over 134,000 individuals across the country committed to a Mission of serving others and providing compassionate, personalized care to all. Our inclusive culture, continuing education programs, career coaches and benefit offerings are just a few of the resources and tools that team members can use to create a rewarding career path.
In fact, Ascension spent nearly $46 million in tuition assistance alone to support associate growth and development. If you are looking for a career where you can grow and make a difference in your community, we invite you to join our team today.

**Equal Employment Opportunity Employer**

Ascension will provide equal employment opportunities (EEO) to all associates and applicants for employment regardless of race, color, religion, national origin, citizenship, gender, sexual orientation, gender identification or expression, age, disability, marital status, amnesty, genetic information, carrier status or any other legally protected status or status as a covered veteran in accordance with applicable federal, state and local laws.

For further information, view the EEO Know Your Rights (English) (https://www.eeoc.gov/sites/default/files/2022-10/22-088\_EEOC\_KnowYourRights\_10\_20.pdf) poster or EEO Know Your Rights (Spanish) (https://www.eeoc.gov/sites/default/files/2022-10/22-088\_EEOC\_KnowYourRightsSp\_10\_20.pdf) poster.

As a military friendly organization, Ascension promotes career flexibility and offers many benefits to help support the well-being of our military families, spouses, veterans and reservists. Our associates are empowered to apply their military experience and unique perspective to their civilian career with Ascension.

Pay Non-Discrimination Notice (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp\_%20English\_formattedESQA508c.pdf)

Please note that Ascension will make an offer of employment only to individuals who have applied for a position using our official application. Be on alert for possible fraudulent offers of employment. Ascension will not solicit money or banking information from applicants.

**E-Verify Statement**

This employer participates in the Electronic Employment Verification Program. Please click the E-Verify link below for more information.

E-Verify (https://e-verify.uscis.gov/web/media/resourcesContents/E-Verify\_Participation\_Poster\_ES.pdf)