Job Title : Compliance Analyst Duration: 6-12 Months Location:Fully Remote at Remote, Remote, USA
From:

Zaid Khan,

Panzer


Hi,

Greetings from Panzer Solutions. We have been in this industry for a decade now, serving our clients and candidates. Please see the requirements below and let me know if you are interested in moving forward.

Job Title: Compliance Analyst

Duration: 6-12 Months

Location: Fully Remote

Job Description:

The EIS Compliance/Governance Analyst will be responsible for assisting in executing the security framework compliance/governance activities and requirements for Blue Cross Blue Shield.

The Analyst will promote ongoing corporate awareness and maintain tracking and reporting for security policies, standards, processes, and control implementation to confirm they are implemented, monitored, and effectively maintained against compliance of the security framework.  

Day-to-day responsibilities will also include documenting adherence to governance requirements across policies/standards, procedures, controls, compliance, training and awareness, and preparing metrics/KPIs and reporting materials.  

This role will report to the EIS Compliance and Governance Manager.

Business Analyst responsibilities include:

Assist in the security framework control scoping, evidence collection, control testing and corrective action planning collaboratively across BCBSM/Entities

Maintain a consistent and organized approach to tracking compliance requirements within the enterprise GRC technology solution

Develop and track mitigation plan status with control owners cross-functionally

Develop necessary reports and presentations collaboratively

Perform ongoing analysis and monitoring of critical security framework requirements to detect potential issues with compliance

Assist in coordinating the enterprise-wide activities across key stakeholders and entities

Requirements and skills:

At least 3-5 years of work experience in Information Security, IT general controls, IT compliance, IT Assessments and/or IT audit experience as well as knowledge and understanding of governance, risk, compliance

Knowledge of security and risk frameworks, standards, best practices (e.g., HITRUST CSF, NIST CSF, ISO/IEC 27001, COBIT)

Knowledge of security and risk frameworks, standards, best practices (e.g., HITRUST CSF, NIST CSF, ISO/IEC 27001, COBIT) preferred.

Knowledge and understanding of governance, risk, compliance technology tools, solutions, and trends to improve work results.

Knowledge and understanding of the healthcare industry preferred

Experience working with and/or implementing Governance, Risk & Compliance (GRC) solutions (e.g., MetricStream, Archer).

Experience working with audit firms is desired but not required

Effective written and verbal communication skills and the ability to tailor communication style to the audience at hand.

Experience in coordination and execution of the audit lifecycle, including evidence collection, review, observation tracking, management response collection and auditor relations and communication.

Strong demonstration of problem-solving and decision-making ability.

Experience working on testing of IT controls across systems, databases, applications and operating systems.

Strong ability to frame and deliver messages based on experience and level of the listener.

Strong critical thinking skills to actively pursue opportunities to develop and implement solutions to solve work problems.  Must be able to solve problems, handle conflict, and make effective decisions under pressure with a highly professional demeanor.

Strong organizational skills:

Strong ability to adjust to changing priorities while multitasking effectively.

Self-directed and works with minimal guidance.  

Proactively seeks guidance when needed.

Self-starter with effective written and verbal communication skills along with strong critical thinking skills.

Preferred Skills/Experience (optional but preferred) include:

Assist in the security framework control scoping, evidence collection, and corrective action planning collaboratively across BCBSM entities.

Support the maintenance and tracking of Control Specifications, Control Requirements, Policies/Standards/processes, and Test Plans requirements that align to the security framework.

Maintain a consistent and organized approach to tracking compliance requirements within the enterprise GRC technology solution (e.g., MetricStream).

Develop timely reports and presentations for the Compliance Management Lead and socialize senior leadership, as needed.

Review findings/non-compliance gaps resulting from internal/external assessments and audits to develop a mitigation plan.

Track mitigation plan status with control owners cross-functionally.

Perform ongoing analysis and monitoring of critical security framework requirements to detect potential issues with compliance.

Escalate identified issues to the Compliance Lead as often as needed.

Work with auditors and vendors to perform compliance assessment audits.

Respond in a timely manner to compliance-related security questionnaires and inquiries for BCBSM entities and its cloud-based environments.

Assist in coordinating the enterprise-wide information security (IS) controls framework across key stakeholders and BCBSM entities.

Maintain tracking for changes in identified organizational risk factors and updates.

Assist in developing communications for the Governance program and coordinate socializing such communications across other functions.

Maintain tracking and ownership of updates to the security framework scoping roadmap across business functions.

Maintain tracking status for IS policy, standard, and processes reviews and exceptions.

Develop necessary reports and presentations collaboratively with the Governance Lead.

Participate and provide support during audits, assessments or other required third-party reviews.

Education/Certifications Include:  

Undergraduate university degree (4-year) required.

Masters (e.g., MBA, MSIS, MIS, etc.) degree preferred but not required.

At least 3-5 years of work experience in Information Security, IT general controls, IT compliance, IT assessments and/or IT audit experience.

Certified Information Systems Security Professional (CISSP), CISA, CPA/CA, CISM or other equivalent professional certification preferred but not required.

Thanks & Regards

Zaid Khan

Fri Feb 17 20:08:00 UTC 2023
