Security Governance and Assurance Analyst
Security Governance and Assurance Analyst are responsible for completing security assessment questionnaires that support our security complianceframework and governance activities. Additional responsibilities include supporting on-site security audits and company wide security governance activities to include training and development of associates. The Security Governance and Assurance Analyst will support our security SME's and Cybersecurity organization. These individuals provide oversight to the company's security program and contribute insight into process improvement and strategic initiatives.
Responsibilities include, but are not limited to:
Complete security assessment questionnaires and related security compliance requests for potential customers, clients, vendors and business partners
Assist the security governance activities including creating and communicating our security policies and procedures
Act as a Subject Matter Expert (SME) on behalf of the security organization
Interact with all internal departments, as well as our clients, vendors and business partners, to support security governance activities.
Create and maintain highquality documentation of all relevant specifications, systems and procedures.
Develop strategies in order to resolve information security issues.
Work with sensitive, confidential and/or proprietary information while maintaining the highest level of confidentiality, professionalism, and ethics.
Make recommendations to further support our security awareness program
Participate in company wide security awareness and training functions
Communicate with and provide regular updates to management, including weekly metrics and status reporting.
Ability to work on multiple projects simultaneously and deliver high quality results
Strong analytical skills and ability to work under pressure and build efficiencies in order to complete assignments on time
Highly motivated self-starter with a positive attitude even during times of ambiguity who can be relied on to complete assignments timely
Strong interpersonal skills and ability to communicate with all areas of the business. Ability to develop relationships within the team is a must to support a collaborative team environment
Bachelor's degree in Computer Information Systems, Computer Science, Information Systems Management, or equivalent professional experience.
2 years' work experience in Information Security and Technology
Strong understanding of security concepts and risk-based security.
Working knowledge of security and privacy requirements such as PCI, SOX, SAS-70/SSAE-16/SOC, HIPAA, as it pertains to the healthcare or the benefits administration industries.
Strong sense of professionalism, integrity and ethics.
Master's Degree in Technology or related fields is highly desired.
Experience with Software as a Service (SaaS) architecture
Experience with the implementation of NIST Cyber Security Framework
Project Management skills.
Experience with process improvement methodologies
Industry certifications a plus (e.g. CISSP, CISA, GIAC or equivalents).