Job ID: 294321

GRC Senior Analyst

St Louis, Missouri

Regular / Day

We Are Hiring

GRC Senior Analyst - Business Management Administration - Full-Time, Days - 4600 Headquarters - St Louis, MO

Why Join Ascension?

Ascension Technologies is one of the nation’s largest healthcare information technology services organizations.
We provide Ascension and its subsidiaries low-cost, high-value IT infrastructure and software application services that:
• Support rapid and effective clinical decision making
• Improve efficiency and care transitions
• Foster information sharing across the continuum of care
• Make knowledge and data actionable, leading to improved patient outcomes

What You Will Do

As a GRC Senior Analyst with Ascension Technologies, you will have the opportunity to serve as a key resource for an assigned customer area to understand and explain business and technical issues and to provide viable technology solutions.

The GRC Sr. Analyst provides technical expertise and leadership in one or more information technology disciplines to support the organization's technical infrastructure, governance, risk management, and compliance. The GRC Sr. Analyst will be responsible for reviewing policies, procedures, standards and understanding the responsibilities that relate to the controls. The GRC Sr. Analyst  will perform analytics, manage remediation items, and report on overall progress and compliance health of projects that have been assigned. This position will be responsible for tracking and communicating on timely remediation. This position will be responsible for maintaining a continuous process improvement work environment while working with security assessment and audits in accordance with industry standards and best practices.

Responsibilities:

  • Works with customers to clarify and plan for their current and future technology needs. Determines and maps existing business processes/functions and recommends changes required to fit a tightly integrated system.
  • Designs and implements projects requiring systems integration, small teams and multiple technical platforms.
  • Conducts Return on Investment (ROI) and other financial analysis to support project funding/prioritization.
  • Collaborates on driving improvement activities to achieve department and organizational goals.
  • Assumes a proactive role in driving improvement activities to achieve department and organizational goals to deliver value. A key resource for a customer area, seen as an expert in how systems are used and how current work processes are supported by technology.
  • Maintains current knowledge of industry and business process trends and is able to apply that knowledge to existing business processes with a focus towards goal achievement.
  • Conceives and implements projects requiring systems integration, small teams and multiple technical platforms.
  • Can analyze information requirements that may cross multiple systems.

Desired Responsibilities

  • Partner with IT groups such as Products, Server, Network, and Endpoint Devices to support organization in accordance with internal controls, industry standards, and best practices.
  • Liaison between Audit and IT groups through entire audit life cycle
  • Document and provide evidence of remediation
  • Manage multiple remediation projects spread across the nation.
  • Write and maintain policy, standard, and procedure documents and track the sign-off, ongoing maintenance, and annual review process.
  • Analyze and prepare monthly reports around GRC Metrics and effectiveness testing relating to the ongoing measurement.
  • Assess, evaluate, and make recommendations regarding the adequacy of the infrastructure controls with respect to the security, confidentiality, integrity, and availability.
  • Detailed analysis of current work process and governance in accordance with regulations and best practices such as PCI, HIPAA, current governance, SANS CIS Top 20 Security Controls, and NIST best practices.

What You Will Need

Education:

  • HS or Equivalent.
  • Bachelor's degree preferred.

Work Experience:

  • Seven years of information technology work experience in systems administration and programming required.

Desired Work Experience:

  • 5 years of  IT experience preferred.
  • 3 or more years experience within a GRC  role working with information security frameworks and standards including HITRUST, ISO 27001, COBIT, NIST Cyber Security Framework, Payment Card Industry Data Security Standards (PCI DSS).
  • 3 or more years experience working with all phases of audit life cycle in IT Auditor Role or GRC Audit Liaison role
  • Ability to use critical judgment to make decisions and solve problems involving various levels of complexity, ambiguity, and risk.
  • Strong analytical skills and attention to detail.
  • Poweruser of Visio, SharePoint, and Excel
  • Exceptional written, verbal, listening, and interpersonal skills.

Equal Employment Opportunity

Ascension Technologies is an EEO/AA Employer M/F/Disability/Vet. Please click the link below for more information.
 
 
EEO is the Law Poster Supplement

E-Verify Statement

Ascension Technologies participates in the Electronic Employment Verification Program. Please click the E-Verify link below for more information.

E-Verify (link to E-verify site)