Information Security GRC Analyst III

Dayton WFH, United States

Full Time Senior-level / Expert USD 92K - 161K

CareSource

View all jobs at CareSource

Apply now Apply later

Posted 7 hours ago

Job Summary:

The Information Security GRC Analyst III manages day to day, short and long term Information Technology (IT) compliance and information security risks, and ensures activities are within risk tolerance and in compliance with approved risk management policies, procedures and limits.

Essential Functions:

Collaborate with Corporate Compliance team to manage, gather, track, and provide IT responses for external audits
Review and report on IT Compliance activities and progress toward goals
Engage IT staff and/or vendors to address corrective action plans (CAPs) and remediate audit observations and findings.
Lead IT staff in developing management responses to internal audit observations, and secure approval from IT leadership.
Monitor and report on IT-related CAPs and remediation efforts to ensure timely execution
Engage employees in the management of information security risk and compliance, and ensure they are aware of their accountabilities with regard to information security risk management and compliance
Lead Information Security staff in updating policies, procedures, and handbook documents to address evolving compliance requirements.
Regularly assess and report to management any exceptions to information security policies, procedures, and limits
Contribute and provide input to the development of operational department goals
Acts as technical expert in functional domain
Recommends technical advancements to improve CareSource customer and partner experiences
Perform any other job related instructions as requested

Education and Experience:

Bachelor Degree or equivalent years of relevant work experience required
Minimum of seven (7) years of relevant work experience is required

Competencies, Knowledge and Skills:

Ability to effectively prioritize and execute tasks while working both independently and in a team-oriented, collaborative environment
Strong interpersonal skills including excellent written and verbal communication skills; listening and critical thinking; presentation skills, facilitation skills
Ability to establish effective working relationships with stakeholders at all different levels
Flexibility during organizational and/or business changes
Ability to manage multiple projects while demonstrating a sense of urgency
Effective problem-solving skills with attention to detail
Working technical knowledge/experience of the following:
- IT Audit
- Application, server, and network security
- Monitoring security events and supporting incident response activities
- Sarbanes-Oxley (SOX) compliance
- Microsoft Office
- Access Management/Authentication and Authorization
- Scurity Monitoring
- Data Enryption
- Computer Networking
- Security Internet protocols (SSL, IPSEC, TCP/IP)
- Windows Operating System
- Project Management

Licensure and Certification:

Certified in Risk and Information System Control (CRISC) or System Security Certified Practitioner (SSCP) preferred

Working Conditions:

General office environment; may be required to sit or stand for extended periods of time

Compensation Range:

$92,300.00 - $161,600.00

CareSource takes into consideration a combination of a candidate’s education, training, and experience as well as the position’s scope and complexity, the discretion and latitude required for the role, and other external and internal data when establishing a salary level. In addition to base compensation, you may qualify for a bonus tied to company and individual performance. We are highly invested in every employee’s total well-being and offer a substantial and comprehensive total rewards package.

Compensation Type (hourly/salary):

Salary

Organization Level Competencies