Senior Cyber Risk & Compliance Analyst

symplr

Legal, IT
United States
Posted 6+ months ago

Job Locations: US
ID: 2024-1552
Category: Information Security
Position Type: Regular Full-Time

Overview

The Senior Cyber Risk & Compliance Analyst is an individual with a solid hands-on understanding of, and experience in, information security, IT governance, risk assessment, and compliance. This position provides organizational support for identifying, reporting, and managing remediation activities for key risks within the organization, ensuring that controls and activities are aligned with the overall organizational risk strategy. The person assists the security team in improving security measures and the user awareness program, maintaining and enforcing security policies, and ensuring compliance. Responsibilities include, but are not limited to, coordinating third-party vendor risk assessments, performing gap analysis across the organization, evaluating and maintaining relevant controls/metrics, and supporting the ongoing development, maintenance, and enforcement of security policies and standards.

Duties & Responsibilities

  • In collaboration with the organization’s Cyber Risk & Compliance team, provide vision and guidelines in line with applicable regulations and cybersecurity frameworks (e.g., HIPAA, PCI DSS, NIST 800).
  • Assist with internal and external audit process(es) for relevant compliance matters, including but not limited to SOC2, HIPAA, HITRUST, etc.
  • Collaborate to develop and implement appropriate policies, procedures, and reporting metrics to ensure the security controls and compliance requirements are met.
  • Assist with designing, deploying, and maintaining the organization’s GRC platform.
  • Help lead and define the organization’s overall third-party risk management efforts.
  • Assist in designing, testing, and executing the company’s security incident response and BC/DR plans.
  • Participate in internal and external security audits and risk analysis to identify weaknesses, assess the effectiveness of existing controls, and recommend remedial actions.
  • Stay current with the latest security news, threats, and applicable regulations.
  • Respond to internal users’ security questions/concerns, external audit requests, customers’ assessments, and appropriate compliance requirements.
  • Write technical reports as needed to communicate applicable security incidents and/or potential risks.
  • Work individually and in a team environment. Multitask and use time efficiently to meet project/task deadlines in a fast-paced environment.
  • Other duties as assigned.

Skills Required

  • Bachelor's degree in Information Security, Computer Science, Computer Engineering, Information Technology (or equivalent of education and work experience)
  • Minimum of 4-5 years of experience in Information Security, IT Security, and/or IT Risk Management
  • Proven experience in governance, risk management, and compliance within the cybersecurity realm
  • Demonstrated technical skills in conducting gap analysis regarding baseline security standards
  • Experience in utilizing, managing, and maintaining a commercially available GRC platform
  • Knowledge of cybersecurity frameworks and relevant regulatory requirements
  • Ability to develop and/or modify policies and procedures in compliance with relevant regulatory requirements and management objectives
  • Understanding of IP networking, data centers, IT systems, applications, and databases
  • High level of personal integrity and ability to professionally handle confidential matters
  • Capable of acting calmly and managing incidents under high pressure and stress
  • Capable of multitasking in a fast-paced, multifaceted environment
  • Ability to work well with customers, peers, and management
  • Demonstrated organizational, facilitation, presentation, and project management skills with excellent written and verbal communication skills at all levels
  • Proficient with Microsoft Office Suite and Office365 (i.e., Teams, SharePoint)

Preferred Education, Experience, Skills and Abilities

  • Master’s degree in Information Security, Computer Science, Computer Engineering, Information Technology (or equivalent of education and work experience)
  • 5-7 years of experience in Information Security, IT Security, and/or IT Risk Management
  • Demonstrated experience in cybersecurity frameworks, such as NIST 800 and ISO/IEC 27001/27002
  • Demonstrated experience and knowledge of relevant regulatory requirements, such as The U.S. Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry Data Security Standards (PCI DSS)
  • Previous working experience in healthcare environments
  • Knowledge and experience in information security and privacy laws, general electronic health information access, release of information, and release control technologies

Min: USD $105,000.00/Yr.
Max: USD $125,000.00/Yr.

The above job description is not intended to be an all-inclusive list of duties and standards of the position. Incumbents will follow any other instructions, and perform any other related duties, as assigned by their supervisor.

Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this opening.


About symplr:

As a leader in healthcare operations solutions, we empower healthcare organizations to navigate the complexities of integrating critical business operations. Our customers are at the heart of everything we do, and they rely on our mission-critical systems to drive better operations and better outcomes.

We are a remote-first company with employees working across the United States, India, and the Netherlands. Guided by values, we focus on teamwork, championing our customers, being rooted in action and outcomes, overcoming challenges, and leading through equality and integrity. Read more about symplr's culture and values at symplr.com/careers.


Perks & Benefits:

  • Company Sponsored Medical, Dental & Vision
  • Safe Harbor 401K with Employer Matching up to 5%, eligible upon hire with immediate vesting
  • HSA Employer Contributions, Employer Paid Life, Short-term and Long-term Disability, and AD&D Insurance Plans
  • Permissive Time Off Plans, Volunteer Time Off, & 12 Paid Holidays
  • Fully Paid Medical Leaves of Absence and Bonding Leaves for new parents
  • Tuition Assistance & Continuing Education Reimbursement available
  • Additional Employer-Paid Programs: Cleo Family Services, Care@Work Memberships, Headspace Memberships, LifeMart Discounts, and more!

symplr is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law.

As an ongoing commitment to reasonably accommodate individuals with disabilities, symplr has established alternative methods to complete the application process. Disabled applicants needing assistance are encouraged to call 281.863.9500 if further assistance is required.


To all recruitment agencies: we do not accept resumes or partnership opportunities. Please do not forward resumes to symplr or any of our employees. We are not responsible for any fees related to unsolicited resumes.

