3-5 yrs Business Analyst with HITRUST, 100% Remote, with the RATE $32, Anywhere in the USA at Remote, USA
Email: [email protected]
From: faraz, panzer, [email protected]

Reply to: [email protected]

Hi,

My name is Faraz and I am working as Talent Acquisition at Panzer Solutions LLC.

We deal with US IT and non-IT recruitment services. We have the below opening with your preferred client.

Let me know if you are available & interested in this position. If interested please share a copy of your resume and best number to reach.

Job title: Business Analyst WITH HITRUST

Location: 100% Remote

Duration: 12+ Months

RATE IS $32

Job brief

The EIS Compliance/Governance Lead Analyst will be responsible for leading other analysts, assisting in the responsibilities of executing the security framework compliance/governance activities and requirements for Blue Cross Blue Shield.  The Lead Analyst will promote ongoing corporate awareness and maintain tracking and reporting for security policies, standards, processes, and control implementation to confirm they are implemented, monitored, and effectively maintained against compliance of the security framework.  Day-to-day responsibilities will also include documenting adherence to governance requirements across policies/standards, procedures, controls, compliance, training and awareness, and preparing metrics/KPIs and reporting materials.  This role will report to the EIS Compliance and Governance Manager.

Analyst responsibilities include:

Assist in the security framework control scoping, evidence collection, control testing and corrective action planning collaboratively across BCBSM/Entities

Maintain a consistent and organized approach to tracking compliance requirements within the enterprise GRC technology solution

Develop and track mitigation plan status with control owners cross-functionally

Develop necessary reports and presentations collaboratively

Perform ongoing analysis and monitoring of critical security framework requirements to detect potential issues with compliance

Assist in coordinating the enterprise wide activities across key stakeholders and entities

Requirements and skills

At least 3-5 years of work experience in Information Security, IT general controls, IT compliance, IT Assessments and/or IT audit experience as well as knowledge and understanding of governance, risk, compliance

Knowledge of security and risk frameworks, standards, best practices (e.g., HITRUST CSF, NIST CSF, ISO/IEC 27001, COBIT)

Knowledge of security and risk frameworks, standards, best practices (e.g., HITRUST CSF, NIST CSF, ISO/IEC 27001, COBIT) preferred.

Knowledge and understanding of governance, risk, compliance technology tools, solutions, and trends to improve work results.

Knowledge and understanding of the healthcare industry preferred

Experience working with and/or implementing Governance, Risk & Compliance (GRC) solutions (e.g., MetricStream, Archer).

Experience working with audit firms is desired but not required

Effective written and verbal communication skills and the ability to tailor communication style to the audience at hand.

Experience in coordination and execution of the audit lifecycle, including evidence collection, review, observation tracking, management response collection and auditor relations and communication.

Strong demonstration of problem-solving and decision-making ability.

Experience working on testing of IT controls across systems, databases, applications and operating systems.

Strong ability to frame and deliver messages based on experience and level of the listener.

Strong critical thinking skills to actively pursue opportunities to develop and implement solutions to solve work problems.  Must be able to solve problems, handle conflict, and make effective decisions under pressure with a highly professional demeanor.

Strong organizational skills

Strong ability to adjust to changing priorities while multitasking effectively.

Self-directed and works with minimal guidance.  Proactively seeks guidance when needed.

Self-starter with effective written and verbal communication skills along with strong critical thinking skills

Preferred Skills/Experience (optional but preferred skills/experience) include:

Assist in the security framework control scoping, evidence collection, and corrective action planning collaboratively across BCBSM entities.

Support the maintenance and tracking of Control Specifications, Control Requirements, Policies/Standards/processes, and Test Plans requirements that align to the security framework.

Maintain a consistent and organized approach to tracking compliance requirements within the enterprise GRC technology solution (e.g., MetricStream).

Develop timely reports and presentations for the Compliance Management Lead and socialize senior leadership, as needed.

Review findings/ non-compliance gaps resulting from internal/external assessments and audits to develop mitigation plan.

Track mitigation plan status with control owners cross-functionally.

Perform ongoing analysis and monitoring of critical security framework requirements to detect potential issues with compliance.

Escalate identified issues to the Compliance Lead as often as needed.

Work with auditors, vendors to perform compliance assessment audits.

Respond timely to compliance related security questionnaires and inquiries for BCBSM entities and its cloud-based environments.

Assist in coordinating the enterprise-wide information security (IS) controls framework across key stakeholders and BCBSM entities.

Maintain tracking for changes in identified organizational risk factors and updates.

Assist in developing communications for the Governance program and coordinate socializing such communications across other functions.

Maintain tracking and ownership of updates to the security framework scoping roadmap across business functions.

Maintain tracking status for IS policy, standard, and processes reviews and exceptions.

Develop necessary reports and presentations collaboratively with the Governance Lead.

Participate and provide support during audits, assessments or other required third-party reviews.

Education/Certifications Include:  

Undergraduate university degree (4-year) required.

Masters (e.g., MBA, MSIS, MIS, etc.) degree preferred but not required.

At least 3-5 years of work experience in Information Security, IT general controls, IT compliance, IT assessments and/or IT audit experience.

Certified Information Systems Security Professional (CISSP), CISA, CPA/CA, CISM or other equivalent professional certification preferred but not required.

Faraz

Talent Acquisition | Panzer Solutions LLC

50 Washington Street, 9th Floor, SONO Corporate Center, Norwalk CT 06854

Contact: 203-446-4514 * 159

Testimonials: http://www.panzersolutions.com/testimonials

Keywords: access management information technology California Connecticut
Fri Feb 17 18:04:00 UTC 2023


Location: Remote