Job ID: 294321
GRC Senior Analyst
St Louis, Missouri
Regular / Day
We Are Hiring
GRC Senior Analyst - Business Management Administration - Full-Time, Days - 4600 Headquarters - St Louis, MO
Why Join Ascension?
We provide Ascension and its subsidiaries low-cost, high-value IT infrastructure and software application services that:
• Support rapid and effective clinical decision making
• Improve efficiency and care transitions
• Foster information sharing across the continuum of care
• Make knowledge and data actionable, leading to improved patient outcomes
What You Will Do
As a GRC Senior Analyst with Ascension Technologies, you will have the opportunity to serve as a key resource for an assigned customer area to understand and explain business and technical issues and to provide viable technology solutions.
The GRC Sr. Analyst provides technical expertise and leadership in one or more information technology disciplines to support the organization's technical infrastructure, governance, risk management, and compliance. The GRC Sr. Analyst will be responsible for reviewing policies, procedures, standards and understanding the responsibilities that relate to the controls. The GRC Sr. Analyst will perform analytics, manage remediation items, and report on overall progress and compliance health of projects that have been assigned. This position will be responsible for tracking and communicating on timely remediation. This position will be responsible for maintaining a continuous process improvement work environment while working with security assessment and audits in accordance with industry standards and best practices.
- Works with customers to clarify and plan for their current and future technology needs. Determines and maps existing business processes/functions and recommends changes required to fit a tightly integrated system.
- Designs and implements projects requiring systems integration, small teams and multiple technical platforms.
- Conducts Return on Investment (ROI) and other financial analysis to support project funding/prioritization.
- Collaborates on driving improvement activities to achieve department and organizational goals.
- Assumes a proactive role in driving improvement activities to achieve department and organizational goals to deliver value. A key resource for a customer area, seen as an expert in how systems are used and how current work processes are supported by technology.
- Maintains current knowledge of industry and business process trends and is able to apply that knowledge to existing business processes with a focus towards goal achievement.
- Conceives and implements projects requiring systems integration, small teams and multiple technical platforms.
- Can analyze information requirements that may cross multiple systems.
- Partner with IT groups such as Products, Server, Network, and Endpoint Devices to support organization in accordance with internal controls, industry standards, and best practices.
- Liaison between Audit and IT groups through entire audit life cycle
- Document and provide evidence of remediation
- Manage multiple remediation projects spread across the nation.
- Write and maintain policy, standard, and procedure documents and track the sign-off, ongoing maintenance, and annual review process.
- Analyze and prepare monthly reports around GRC Metrics and effectiveness testing relating to the ongoing measurement.
- Assess, evaluate, and make recommendations regarding the adequacy of the infrastructure controls with respect to the security, confidentiality, integrity, and availability.
- Detailed analysis of current work process and governance in accordance with regulations and best practices such as PCI, HIPAA, current governance, SANS CIS Top 20 Security Controls, and NIST best practices.
What You Will Need
- HS or Equivalent.
- Bachelor's degree preferred.
- Seven years of information technology work experience in systems administration and programming required.
Desired Work Experience:
- 5 years of IT experience preferred.
- 3 or more years experience within a GRC role working with information security frameworks and standards including HITRUST, ISO 27001, COBIT, NIST Cyber Security Framework, Payment Card Industry Data Security Standards (PCI DSS).
- 3 or more years experience working with all phases of audit life cycle in IT Auditor Role or GRC Audit Liaison role
- Ability to use critical judgment to make decisions and solve problems involving various levels of complexity, ambiguity, and risk.
- Strong analytical skills and attention to detail.
- Poweruser of Visio, SharePoint, and Excel
- Exceptional written, verbal, listening, and interpersonal skills.
Equal Employment Opportunity
Ascension Technologies participates in the Electronic Employment Verification Program. Please click the E-Verify link below for more information.