ESR Healthcare
GRC Analytics & Automation Analyst (14010-1) Boston, MA
ESR Healthcare, Boston, Massachusetts, us, 02298
Job Summary
GRC Analytics & Automation Analyst (14010-1) – Boston, MA
This role builds and maintains data pipelines, automation, and dashboards that enable measurable compliance and continuous monitoring across the Compliance Governance Program. The analyst will integrate GovCloud intake sources (SharePoint intake registry, AuditBoard exports, APIs) into Power BI, automate evidence collection via Power Automate and connectors, and ensure metadata and taxonomy alignment with Canon Protocol v1.0.
Hybrid/remote‑eligible position reporting to the Director of Regulatory Compliance Environments. Onsite visits are expected periodically for audits and triage.
Key Responsibilities
Own end‑to‑end data pipelines from GovCloud Intake Registry and source systems to Power BI; maintain data freshness SLAs (hourly/daily) and >99% pipeline success rate.
Design, implement, and maintain Power Automate flows and SharePoint integrations to automate evidence collection and workflow triggers; log and remediate automation failures within SLA.
Build executive and operational dashboards (Power BI) for control health, residual risk, and remediation status; support monthly and ad‑hoc reporting to leadership.
Correlate control data across frameworks (NIST SP 800‑53, SOC 2, ISO 27001) to visualize coverage and residual risk using canonical mapping.
Ensure metadata and taxonomy alignment with Canon Protocol and maintain documentation of data models and lineage.
Partner with the GovCloud Compliance Analyst to reconcile automated data feeds with human‑submitted evidence; implement validations and exception rules.
Support quarterly reviews and audit preparation by providing analytics extracts and evidence inventories.
Required Qualifications
Minimum 3 years in GRC, data analytics, or process automation roles with experience integrating data sources.
Proficiency with Power BI (DAX and data modeling), Excel, and Power Automate.
Experience with SharePoint lists, data modeling, workflow design, and handling regulated data (PII/PHI protections).
Understanding of control frameworks (NIST SP 800‑53, SOC 2, ISO 27001) and how to map control data for coverage analysis.
Bachelor’s degree in Information Systems, Data Analytics, or equivalent experience.
Preferred Qualifications
Experience with AuditBoard or ServiceNow GRC and automating evidence ingestion.
SQL, Python, or advanced DAX skills for ETL and analytics.
Experience with APIs, connectors, and data governance practices.
Ability to translate compliance requirements into measurable metrics and KPIs.
#J-18808-Ljbffr
Hybrid/remote‑eligible position reporting to the Director of Regulatory Compliance Environments. Onsite visits are expected periodically for audits and triage.
Key Responsibilities
Own end‑to‑end data pipelines from GovCloud Intake Registry and source systems to Power BI; maintain data freshness SLAs (hourly/daily) and >99% pipeline success rate.
Design, implement, and maintain Power Automate flows and SharePoint integrations to automate evidence collection and workflow triggers; log and remediate automation failures within SLA.
Build executive and operational dashboards (Power BI) for control health, residual risk, and remediation status; support monthly and ad‑hoc reporting to leadership.
Correlate control data across frameworks (NIST SP 800‑53, SOC 2, ISO 27001) to visualize coverage and residual risk using canonical mapping.
Ensure metadata and taxonomy alignment with Canon Protocol and maintain documentation of data models and lineage.
Partner with the GovCloud Compliance Analyst to reconcile automated data feeds with human‑submitted evidence; implement validations and exception rules.
Support quarterly reviews and audit preparation by providing analytics extracts and evidence inventories.
Required Qualifications
Minimum 3 years in GRC, data analytics, or process automation roles with experience integrating data sources.
Proficiency with Power BI (DAX and data modeling), Excel, and Power Automate.
Experience with SharePoint lists, data modeling, workflow design, and handling regulated data (PII/PHI protections).
Understanding of control frameworks (NIST SP 800‑53, SOC 2, ISO 27001) and how to map control data for coverage analysis.
Bachelor’s degree in Information Systems, Data Analytics, or equivalent experience.
Preferred Qualifications
Experience with AuditBoard or ServiceNow GRC and automating evidence ingestion.
SQL, Python, or advanced DAX skills for ETL and analytics.
Experience with APIs, connectors, and data governance practices.
Ability to translate compliance requirements into measurable metrics and KPIs.
#J-18808-Ljbffr