Governance, Risk, & Compliance (GRC) Analyst

Full Time
Asheville, NC 28806
Job description

LOCATION: Remote - NC


SALARY:
Depending on qualifications & experience of candidate. This position is exempt and is not eligible for overtime compensation.


GENERAL STATEMENT OF JOB:

Working as part of the Information Security team within the Information Security department at Vaya Health, the GRC analyst will be responsible for leading the day-to-day IT governance, risk management, and compliance functions. The role will include primary responsibility for defining, creating, and managing IT and organizational policies, standards, and procedures in support of legal and regulatory compliance needs as well as general IT and organizational information security practices. The analyst will also employ knowledge and experience to assess and continuously monitor information security controls, exceptions, risks, remediation, and testing processes.


ESSENTIAL JOB FUNCTIONS:

Operational Processes:

  • Coordinate with key corporate governance committees and internal audit to facilitate cyber risk analysis and risk management processes and identify acceptable risk based on the information classification and needed protection.
  • Provide system administration and maintain data accuracy of the GRC software solution.
  • Work with external audit firms, customers, and regulatory and state agencies to provide evidence artifacts and other supportive documentation as applicable.
  • Perform periodic security assessments on third party vendors and ensure that security risks with the potential of causing material harm to Vaya Health are properly documented.
  • Assist in the development and reporting of the corporate Risk Register for executive leadership review.
  • Execute Security Awareness program including periodic user education and anti-phishing campaigns.
  • Provide oversight of compliance assurance for required industry frameworks and regulatory standards (e.g., SOC 1, SOC 2, NIST 800-53, HITRUST, and HIPAA).
  • Work across various business areas to evaluate whether security risks to the company are identified and minimized and acceptable internal controls and procedures are followed.
  • Collaborate with technical teams (e.g., corporate compliance, internal auditing, corporate risk management, project management office) during the strategic planning and implementation of new business initiatives.
  • Ensure that user access to information assets is provisioned, managed, and terminated as required.
  • Maintain documentation of security standards, procedures, processes, and guidelines.
  • Support management by compiling key performance metrics to show the effectiveness of the GRC program.


Customer Service:

  • Understand and provide recommendations for security policies and standards and how they align to the business for new projects.
  • Keep up to date on different regulatory compliance standards and communicate how they are applicable.
  • Provide security controls consultation to business and IT staff.
  • Provide after hours on-call support as required.


QUALIFICATIONS AND EDUCATION REQUIREMENTS:

  • A Bachelor's Degree in Information Technology, Business, or closely related field.
  • Four years of experience.


PHYSICAL REQUIREMENTS:


Close visual acuity to perform activities such as preparation and analysis of documents; viewing a computer terminal; and extensive reading. Physical activity in this position includes crouching, reaching, walking, talking, hearing and repetitive motion of hands, wrists and fingers. Sedentary work with lifting requirements up to 10 pounds, sitting for extended periods of time. Mental concentration is required in all aspects of work.


KNOWLEDGE, SKILL, AND ABILITIES:

  • Experience in understanding and implementing SOC2 & NIST 800-53 controls.
  • Experience with host and network security technologies such as firewalls, proxies, and operating systems.
  • Experience with Windows AD and AD Audit Manager.
  • Knowledge of application and network security.
  • Experience communicating conceptual and technical information.
  • Experience translating technical data into business impact information.
  • Ability to manage timelines and meet tight deadlines.
  • Detail oriented with excellent oral and written communication skills.
  • Manage and prioritize multiple tasks.
  • Excellent interpersonal skills needed to work with various levels of technical and managerial staff members.
  • Self-motivated, constructive, and positive attitude.
  • Strong analytical and problem-solving skills.
  • Ability to present data in a consistent and clear manner.


DEADLINE FOR APPLICATION:
Open until filled


APPLY:
Vaya Health accepts online applications in our Career Center. Please visit http://www.vayahealth.com/careers-overview/


Vaya Health is an equal opportunity employer.
