CBIZ
Overview
CBIZ, Inc. is a leading professional services advisor to middle market businesses and organizations nationwide. With expertise in accounting, tax, advisory, benefits, insurance, and technology, CBIZ delivers insights and solutions to help clients accelerate growth. CBIZ has more than 10,000 team members across more than 160 locations in 21 major markets coast to coast. CBIZ strives to be our team members' employer of choice by creating an environment where team members are appreciated, recognized for their contributions, and provided with opportunities to grow, both personally and professionally, throughout their careers.

At CBIZ, we prioritize security and privacy of our services. Our Governance, Risk, and Compliance (GRC) team supports company-wide initiatives and maintains high standards of quality to ensure continuous compliance and reduce risk exposure.

The Senior Security Analyst will work with a diverse group of internal and external stakeholders to support ongoing security initiatives, maintain compliance needs, and ensure that security policies and standards are followed. Candidates should be detail-oriented, proactive, and eager to develop within a fast-paced and evolving security environment. You will be a member of the Information Security Department and collaborate across business functions to ensure compliance and regulatory requirements are met. You will work both independently and as part of a team, contributing to the maturity of CBIZ's GRC practices.

Key Responsibilities
Ensure compliance with all applicable regulations, including SOX, SOC 2, CCPA, HIPAA, and other industry-specific standards.
Assist with the third-party risk management process to assess, monitor, and manage third-party risks.
Perform risk assessments, audits, and compliance reviews to identify potential risks and implement mitigation strategies.
Assist in mapping controls across frameworks to streamline compliance efforts, translate controls into actionable steps, and provide implementation guidance to stakeholders.
Deliver and enhance security awareness campaigns to ensure a consistent understanding of best practices and compliance requirements across the organization.
Update and maintain the organization's risk register, ensuring that it accurately reflects the current risk landscape and is used effectively for decision-making.
Support the ongoing maintenance and improvement of GRC solutions, including control testing.
Collaborate with cross-functional teams to embed risk management practices into operational processes.
Participate in process reviews and identify opportunities for improvements in operational efficiency, overall effectiveness, and identifiable benefits to the organization.
Stay updated on the latest regulatory changes, industry trends, and best practices to ensure continuous improvement.
Other duties as required to fulfill the Senior Security Analyst position.

Qualifications
Minimum of 5 years of experience in GRC within a public company.
In-depth knowledge of regulatory requirements, including SOX, CCPA, HIPAA, and other relevant frameworks.
Hands-on experience with GRC solutions and third-party risk management programs.
Strong understanding of IT governance, information security, and data privacy principles.
Excellent management, communication, and interpersonal skills.
Ability to work effectively with cross-functional teams and influence stakeholders at all levels.
Ability to develop and implement security policies, procedures, and controls.
Relevant certifications (e.g., CISA, CISM, CISSP, CRISC) are a plus.
Additional experience with Identity and Access Management, Data Classification, and Data Loss Prevention is highly desirable.

Minimum Qualifications
College Degree or equivalent required
6 years related experience
Expert technical knowledge
Knowledge of industry regulations
Ability to lead and coordinate the team activities of others
Ability to formulate, document and recommend new policies and procedures
Able to work in and lead a team
Demonstrated ability to communicate verbally and in writing throughout all levels of an organization, both internally and externally
Ability to travel as required by business and on-call availability

EEO/Reasonable Accommodation
Reasonable Accommodation: If you are a qualified individual with a disability you may request reasonable accommodation if you are unable or limited in your ability to use or access this site as a result of your disability. To request accommodation, call 844-558-1414 or email accom@cbiz.com.

Equal Opportunity Employer: CBIZ is an equal opportunity employer and reviews applications without regard to race, color, religion, national origin, ancestry, age, gender, gender identity, marital status, military status, veteran status, sexual orientation, disability, or medical condition or any other reason prohibited by law. For more information about your EEO rights, visit Know Your Rights.