We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
Remote
CareSource jobs

Info Sec GRC Analyst III

CareSource
$92,300.00 - $161,600.00
United States
Feb 14, 2025

Job Summary:

The Information Security GRC Analyst III plays a critical role in an organization's governance, risk, and compliance (GRC) initiatives. This senior-level position involves designing, implementing, and maintaining security frameworks, assessing risks, ensuring compliance with policies and standards, and fostering a security-conscious culture. The role requires expertise in GRC methodologies, the ability to lead complex projects, and the capability to work across departments to manage and mitigate security risks.

Essential Functions:

  • Perform risk assessments and analyze potential threats to the organization's information assets and validate compliance with HIPAA
  • Ensure compliance with relevant regulations and standards (e.g., NIST CSF, NIST 800-171, HIPAA)
  • Recommend and prioritize risk mitigation strategies and controls
  • Support incident response teams in identifying and mitigating security incidents
  • Recommend and implement corrective actions to address gaps and vulnerabilities identified during assessments or incidents
  • Provide Project Leadership for GRC related projects
  • Develop and deliver risk presentations and training for employees
  • Measure, monitor, and report on information security risks to senior leadership
  • Evaluate contracts and negotiate redlines to ensure optimal terms for the company, with a focus on mitigating information security and cyber risk
  • Review and report on vendor/third party risk to support vendor risk management activities with a strong attention to detail
  • Engage staff and/or vendors to develop information security risk mitigation plans to address risks identified in Vendor risk reviews
  • Monitor and report on information security risk mitigation plans to ensure timely execution
  • Foster employee engagement in information security risk management by promoting awareness of their responsibilities and accountabilities in mitigating security risks
  • Conduct regular ongoing assessments/monitoring and provide management with detailed reports on any exceptions to information risk management policies, procedures, and thresholds
  • Acts as technical expert in functional domain
  • Recommends technical advancements to improve CareSource customer and partner experiences
  • Provide guidance and mentorship to junior team members
  • Perform any other job related instructions as requested

Education and Experience:

  • Bachelor Degree or equivalent years of relevant work experience required
  • Minimum of seven (7) years of relevant work experience is required

Competencies, Knowledge and Skills:

  • Ability to effectively prioritize and execute tasks while working both independently and in a team-oriented, collaborative environment
  • Ability to translate technical concepts into business-friendly language
  • Ability to manage multiple assessments, projects, deadlines, and stakeholders effectively
  • Meticulous approach to identifying gaps in policies, procedures, or compliance requirements
  • Ensure thoroughness in documentation, reporting, and auditing activities
  • Strong interpersonal skills including excellent written and verbal communication skills; listening and critical thinking; presentation skills, facilitation skills
  • Uphold the highest standards of ethics and confidentiality in managing sensitive information
  • Ability to establish effective working relationships with stakeholders at all different levels
  • Flexibility during organizational and/or business changes
  • Ability to manage multiple projects while demonstrating a sense of urgency
  • Informed on emerging risks, threats, vulnerabilities, and the latest advancements in risk management practices
  • Working technical knowledge/experience of the following:
    • IT Audit
    • Application, server, and network security
    • Cloud Security best practices (e.g. AWS, Azure, Google)
    • Monitoring security events and supporting incident response activities
    • Microsoft Office
    • Access Management/Authentication and Authorization
    • Security Monitoring
    • Data Enryption
    • Computer Networking
    • Windows Operating System
    • Project Management

Licensure and Certification:

  • Certified Information System Security Professional (CISSP) and/or Certified in Risk and Information System Control (CRISC) strongly preferred

Working Conditions:

  • General office environment; may be required to sit or stand for extended periods of time

Compensation Range:
$92,300.00 - $161,600.00 CareSource takes into consideration a combination of a candidate's education, training, and experience as well as the position's scope and complexity, the discretion and latitude required for the role, and other external and internal data when establishing a salary level. We are highly invested in every employee's total well-being and offer a substantial and comprehensive total rewards package.

Compensation Type:
Salary

Competencies:
- Create an Inclusive Environment
- Cultivate Partnerships
- Develop Self and Others
- Drive Execution
- Influence Others
- Pursue Personal Excellence
- Understand the Business

This job description is not all inclusive. CareSource reserves the right to amend this job description at any time. CareSource is an Equal Opportunity Employer. We are dedicated to fostering an inclusive environment that welcomes and supports individuals of all backgrounds.

Applied = 0
MORE JOBS LIKE THIS

(web-7d594f9859-hk764)