ExamWorks
Are you experienced in
governance ,
risk
and
compliance ? If so, keep reading! ExamWorks
is seeking a new team member in the role of
InfoSec GRC Analyst ! This person will handle all things Governance, Risk and Compliance from a 100% remote capacity. Responsibilities
Provide support and contribute to the ExamWorks InfoSec GRC programs such as: Risk Management, Third Party/Vendor Management, Vulnerability/Threat Management, Compliance Management, RFP/SAQ Process Management and others Collaborate with different departments in the analysis, response, and document packages of RFPs and security questionnaires as required by clients of EW business units Assess and monitor security processes and controls to assure compliance with applicable security frameworks, regulatory, and client requirements as well as promote good information security practices Generate reports on assessment findings and summarize them to facilitate remediation tasks for other IT operational teams Conduct formal risk analysis and self-assessments program for various ExamWorks brands and the associated information services systems, processes, and infrastructure Facilitate HITRUST, SOC2 audit engagement, data/artifact collection, exception remediation and monitoring Key contributor to the design, implementation, and optimization of the GRC application or solutions Contribute to maintenance and update of library of information security control standards and procedures based on Information Security policies and procedures and industry best practices Maintain awareness of changes or updates on security control frameworks, compliance laws and statute and identify the impact to the business and its security posture Compile management reports, summary analysis, and detailed presentations to describe risk, controls, and maturity assessments Facilitate information security awareness programs and facilitate periodic awareness training, phishing campaigns, security newsletters and publications Conduct or participate in the cross training sessions with the IT Security team in the management and configuration of security tools and technical controls Troubleshoot and resolve security related GRC and technical issues effectively and efficiently Prioritize, evaluate, resolve and escalate calls or tasks as required Provide appropriately detailed and timely follow-up support with customers (internal and external) Provide updates, status, and completion information to the InfoSec Manager - GRC through voice mail, e-mail, or in-person communication Qualifications
College Degree in Computer Science or related field required Minimum of 2 years in IT security, risk management, compliance, and audit required Must be familiar with Governance Risk and Compliance (GRC) solutions and technology platforms. Practical knowledge and experience with compliance and security framework standards such as SOX, PCI, SOC, NIST, ISO 27001, HITRUST, HIPAA and HITECH required General knowledge of security tools, solutions, and appliances in support of security domains such as network security, e-Mail and end-point security, vulnerability scans, access controls, and log management etc. Basic technical understanding of cloud services principles such as IAAS, SAAS, and PAAS. Capable of articulating general IT security policies, processes, and technical controls CISA, CRISC, or other privacy certifications preferred but not required Advanced computer troubleshooting, analysis, critical thinking and problem solving skills Maintain medical confidentiality ABOUT US: ExamWorks is a leading provider of innovative healthcare services including independent medical examinations, peer reviews, bill reviews, Medicare compliance, case management, record retrieval, document management and related services. Our clients include property and casualty insurance carriers, law firms, third-party claim administrators and government agencies that use independent services to confirm the veracity of claims by sick or injured individuals under automotive, disability, liability and workers' compensation insurance coverages. ExamWorks, LLC is an Equal Opportunity Employer and affords equal opportunity to all qualified applicants for all positions without regard to protected veteran status, qualified individuals with disabilities and all individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age or any other status protected under local, state or federal laws. Equal Opportunity Employer - Minorities/Females/Disabled/Veterans ExamWorks
offers a fast-paced team atmosphere with competitive benefits (medical, vision, dental), paid time off, and 401k. About the company
ExamWorks | Independent Medical Examinations, Peer Reviews, Bill Reviews
#J-18808-Ljbffr
governance ,
risk
and
compliance ? If so, keep reading! ExamWorks
is seeking a new team member in the role of
InfoSec GRC Analyst ! This person will handle all things Governance, Risk and Compliance from a 100% remote capacity. Responsibilities
Provide support and contribute to the ExamWorks InfoSec GRC programs such as: Risk Management, Third Party/Vendor Management, Vulnerability/Threat Management, Compliance Management, RFP/SAQ Process Management and others Collaborate with different departments in the analysis, response, and document packages of RFPs and security questionnaires as required by clients of EW business units Assess and monitor security processes and controls to assure compliance with applicable security frameworks, regulatory, and client requirements as well as promote good information security practices Generate reports on assessment findings and summarize them to facilitate remediation tasks for other IT operational teams Conduct formal risk analysis and self-assessments program for various ExamWorks brands and the associated information services systems, processes, and infrastructure Facilitate HITRUST, SOC2 audit engagement, data/artifact collection, exception remediation and monitoring Key contributor to the design, implementation, and optimization of the GRC application or solutions Contribute to maintenance and update of library of information security control standards and procedures based on Information Security policies and procedures and industry best practices Maintain awareness of changes or updates on security control frameworks, compliance laws and statute and identify the impact to the business and its security posture Compile management reports, summary analysis, and detailed presentations to describe risk, controls, and maturity assessments Facilitate information security awareness programs and facilitate periodic awareness training, phishing campaigns, security newsletters and publications Conduct or participate in the cross training sessions with the IT Security team in the management and configuration of security tools and technical controls Troubleshoot and resolve security related GRC and technical issues effectively and efficiently Prioritize, evaluate, resolve and escalate calls or tasks as required Provide appropriately detailed and timely follow-up support with customers (internal and external) Provide updates, status, and completion information to the InfoSec Manager - GRC through voice mail, e-mail, or in-person communication Qualifications
College Degree in Computer Science or related field required Minimum of 2 years in IT security, risk management, compliance, and audit required Must be familiar with Governance Risk and Compliance (GRC) solutions and technology platforms. Practical knowledge and experience with compliance and security framework standards such as SOX, PCI, SOC, NIST, ISO 27001, HITRUST, HIPAA and HITECH required General knowledge of security tools, solutions, and appliances in support of security domains such as network security, e-Mail and end-point security, vulnerability scans, access controls, and log management etc. Basic technical understanding of cloud services principles such as IAAS, SAAS, and PAAS. Capable of articulating general IT security policies, processes, and technical controls CISA, CRISC, or other privacy certifications preferred but not required Advanced computer troubleshooting, analysis, critical thinking and problem solving skills Maintain medical confidentiality ABOUT US: ExamWorks is a leading provider of innovative healthcare services including independent medical examinations, peer reviews, bill reviews, Medicare compliance, case management, record retrieval, document management and related services. Our clients include property and casualty insurance carriers, law firms, third-party claim administrators and government agencies that use independent services to confirm the veracity of claims by sick or injured individuals under automotive, disability, liability and workers' compensation insurance coverages. ExamWorks, LLC is an Equal Opportunity Employer and affords equal opportunity to all qualified applicants for all positions without regard to protected veteran status, qualified individuals with disabilities and all individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age or any other status protected under local, state or federal laws. Equal Opportunity Employer - Minorities/Females/Disabled/Veterans ExamWorks
offers a fast-paced team atmosphere with competitive benefits (medical, vision, dental), paid time off, and 401k. About the company
ExamWorks | Independent Medical Examinations, Peer Reviews, Bill Reviews
#J-18808-Ljbffr