Remote - Governance, Risk, and Compliance Analyst II
Mosaic Life Care
Full-time
Remote
United States
$78,041.60 - $117,062.40 USD yearly
Cybersecurity
- Remote - Governance, Risk, and Compliance Analyst II
- IT Cybersecurity
- Full Time Status
- Day Shift
- Pay: $78,041.60 - $117,062.40 / year
- Candidates residing in the following states will be considered for remote employment: Alabama, Colorado, Florida, Georgia, Idaho, Indiana, Iowa, Kansas, Kentucky, Minnesota, Missouri, Mississippi, Nebraska, North Carolina, Oklahoma, Texas, Utah, and Virginia. Remote work will not be permitted from any other state at this time.
- The purpose of the Cybersecurity Governance Risk and Compliance (GRC) Analyst II position is to support the Cyber Security team for Mosaic Life Care. The Cybersecurity GRC Analyst II will report to the Cybersecurity Director. This program is responsible for developing, implementing, and assisting in managing critical GRC programs to identify and mitigate security risks and protect valuable and sensitive information and assets within the organization. The expectations for this position are: • Assists in the execution of the GRC strategy to ensure security risks are identified and reported. • Identifies security design gaps in existing/proposed programs and processes as well as recommends changes/enhancements. • Responsible for the interpretation and enforcement of cyber security policies, standards, and standard operating procedures. • Develops, implements, and reports on key security risk and compliance metrics. • Helps establish risk assessment and analyses remediation plan recommendations and proactively tracks progress of remediation efforts to ensure open issues/risks are addressed as agreed. • Manages 3rd-party supplier security assessments to ensure assessments are completed during the pre-contracting phase, risk-level are appropriately assigned, and issues and findings are tracked and managed to closure. • Supports the development and maintenance of the GRC strategy to ensure HIPAA Security Rule, NIST, PCI, and other audit requirements to report on the state of compliance and to ensure remediation is prioritized appropriately. • Will assist in the evaluation and implementation of new security solutions and technologies as needed. • Ability to analyze data and communicate risk to non-technical consumers. This position is employed by Mosaic Life Care.
- Responsible for establishing effective working relationships with Compliance, System Administrators, Application teams, as well as external teams to support and execute the Cybersecurity GRC strategy.
- Understand Mosaic’s technology environment to identify points of weakness and opportunities for solutions..
- Other duties as assigned
- High school diploma or GED equivalent is required. Bachelor's Degree-Computer Science or related field is preferred.
- Certified Information Security Auditor (CISA) or Certified in Risk and Information Systems Control (CRISC) is preferred.
- 2 years to be considered for a mid-level cybersecurity analyst position an individual should have job related experience is required. 3 Year of experienced cybersecurity analyst requirements would consist of having job related experience; advanced training in security concepts such as risk management, CISA or similar certificates.