Opening for GRC analyst OR consultant - Hybrid at Remote, Remote, USA |
Email: [email protected] |
http://bit.ly/4ey8w48
https://jobs.nvoids.com/job_details.jsp?id=458248&uid=

From: meenakshi bisht, kpg99 [email protected]
Reply to: [email protected]

Title- GRC analyst
Location- Hybrid in Berwyn PA (local or nearby)
Duration- 6+ months
GC/USC ONLY
LinkedIn must

Focus on a 3+ year GRC Analyst with a tool-agnostic approach to GRC. HITRUST (healthcare/compliance) experience. Strong background across security risk/compliance.

JOB SUMMARY:
- Develop, implement, and mature the IT security risk management framework, including Factor Analysis of Information Risk (FAIR), risk acceptance process, and risk reporting.
- Apply information security risk expertise to develop loss event scenarios across business units, projects, and third parties.
- Identify, develop, and analyze risk scenarios with cybersecurity team members and business partners.
- Peer review identified risks and analysis by other analysts.
- Develop enterprise security policy and processes.
- Monitor and manage ongoing policy compliance.
- Establish, maintain, and mature the security risk register.
- Gather, analyze, and report status and metrics on risks.
- Develop and mature risk management dashboards and reports to inform risk prioritization, risk remediation, and management decision-making.
- Conduct internal information security assessments.
- Work with external security vendors to gauge adherence to standards.
- Work with projects and business lines to drive information security requirements and assure compliance with organizational requirements.
- Mature security awareness, training, and security communication.
- Knowledge and conceptual understanding of security controls (Identity and Access Management, IT General controls, etc.).
- Foster a team culture of continuous improvement, mentoring and learning, data driven decisions, and accountability for delivery of key metrics and deliverables is required.
- Excellent communication and presentation skills at every level including executives is required.
- Strong analytical and troubleshooting skills.
- Works closely with other members of the Information Security and various other business units in a collaborative and goal-oriented manner.

Primary Customers or Key Working Relationships: IT, Internal Audit, Privacy and Compliance, Supply Chain, Legal, Clinical & other business units as needed.

Education:
- Bachelor's degree in information technology/Information Security/Mathematics/Business preferred.
- 5+ years of experience in information security, risk management, and/or IT (Information Technology) audit fields.
- Strong analytical, research, and problem-solving skills.
- Experience in qualitative and quantitative risk assessment.
- Experience mentoring junior staff.
- Experience leading meetings with cross-functional teams to collect information.

Licensures & Certifications: CRISC preferred, FAIR fundamentals, FAIR analyst, HITRUST Certified CSF Practitioner (CCSFP), CISM, CISSP.

Experience: 5+ years audit, GRC, experience preferably in a Healthcare Environment.

Regards,
Meenakshi Bisht
Technical Recruiter
D: 609-357-5502
E: [email protected]

Note: We are going through prime vendor.

Keywords: information technology green card Pennsylvania |
02:11 AM 28-Jul-23 |