Senior GRC Security Analyst (remote)

At MultiPlan, we pride ourselves on being a dynamic team of innovative professionals. Our purpose is simple - we strive to bend the cost curve in healthcare for all. Our dedication to service excellence extends to all of our stakeholders - internal and external - driving us to consistently exceed expectations. We are intentionally bold, we foster innovation, we nurture accountability, we champion diversity, and empower each other to illuminate our collective potential.

Be part of our amazing transformational journey as we optimize the opportunity towards becoming a leading technology, data, and innovation voice in healthcare. Onward and upward!!!

JOB SUMMARY:

This role will support leadership in all aspects and leadership of vendor and risk management programs such as, audits, risk assessments, vendor management, policy management, and security awareness. Working closely with various business units (Legal, Finance, Operations) and IT stakeholders across the organization, this position will be responsible for executing and maturing the program.

JOB RESPONSIBILITIES:

1. Serve as a trusted advisor and subject matter expert, providing IT risk management services to IT team members and business/risk owners.
2. Collaborate with other members of the risk management team to develop standards and processes that serve to protect the confidentiality, integrity, and availability of MultiPlan data.
3. Assist in the preparation of presentation materials such as metrics, and other complex deliverables on a recurring and ad-hoc basis
4. Provide guidance to IT subject matter experts on audit and assessment requests
5. Work with IT stakeholders, internal and external auditors to ensure successful completion of audits (SOC1, SOC2, SOX and HITRUST)
6. Assist in audits and reviews of assigned business processes to evaluate adequacy of controls within IT, on findings and make recommendations for corrections of weaknesses, and improvements in operations.
7. Conduct internal risk assessments and present findings to stakeholders and risk management committee
8. Manage overall process to intake and respond to client security requests (i.e., questionnaires)
9. Develop and implement IT audit programs and testing procedures and processes relevant to risk/compliance and test objectives across IT Departments.
10. Utilize audit findings to make appropriate recommendations for the correction of weaknesses within processes and procedures that support the continual improvement in operational procedures.
11. Conduct information security assessments of third-party vendors to determine their ability to protect MultiPlan data.
12. Identify tasks necessary to remediate identified vendor risks and vulnerabilities; negotiate dates for completion of remediation tasks.
13. Track progress on remediation of identified vendor risks and vulnerabilities and provide appropriate reporting
14. Analyze existing processes to identify inefficiency and opportunities for improvement
15. Identify, collaborate, coordinate and communicate opportunities for strengthening IT security throughout the company.
16. Collaborate, coordinate, and communicate across disciplines and departments design, development and implementation of security controls and policies
17. Ensure compliance with HITRUST, SOX, SOC, HIPAA regulations and requirements.
18. Demonstrate Company's Core Competencies and values held within.

JOB REQUIREMENTS:

* Minimum Bachelors' degree in Information Technology or a related field coupled with five (5) years' experience in IT consulting or IT Audit, Risk Management and Governance, inclusive of experience with the administration of internal controls and/or information security administration.
* Minimum 3 years of experience with security frameworks such as NIST, HIPAA, HITRUST, SOX or ISO. Proficiency with GRC Systems is a plus

* Deep understanding of IT and Information Security systems, with the ability to hold technical discussions about technology.
* Proven ability to manage projects to conclusion, while collaborating with a diverse group of professionals from both technical and non-technical backgrounds
* Strong problem solving and troubleshooting skills
* Highly organized and detail-oriented, with strong analytical, problem solving, and critical thinking skills.
* Communication (written, verbal and listening), project management, problem solving, organizational, goal setting, and time management skills
* Ability to present to a small to midsize audiences
* Ability to maximize the use of the available technology, welcome new technology, and stay abreast of the latest technologies
* Ability to maintain confidentiality of information
* Ability to work independently as well within a team and with client users
* Ability to organize, prioritize, and coordinate multiple work activities and meet target deadlines
* Ability to be flexible when there are schedule or priority changes and last minute requests
* Ability to travel as needed to Company locations and third party locations within the US
* Individual in this position must be able to work in a standard office environment which requires sitting and viewing monitor(s) for extended periods of time, operating standard office equipment such as, but not limited to, a keyboard, copier and telephone

COMPENSATION

The salary range for this position is $130K to $150K. Specific offers take into account a candidate's education, experience and skills, as well as the candidate's work location and internal equity. This position is also eligible for health insurance, 401k and bonus opportunity.

BENEFITS

We realize that our employees are instrumental to our success, and we reward them accordingly with very competitive compensation and benefits packages, an incentive bonus program, as well as recognition and awards programs. Our work environment is friendly and supportive, and we offer flexible schedules whenever possible, as well as a wide range of live and web-based professional development and educational programs to prepare you for advancement opportunities.

Your benefits will include:

• Medical, dental and vision coverage with low deductible & copay
• Life insurance
• Short and long-term disability
• 401(k) + match
• Generous Paid Time Off
• Paid company holidays
• Paid Parental Leave
• Tuition reimbursement
• Flexible Spending Account
• Employee Assistance Program
• Summer Hours

EEO STATEMENT

MultiPlan is an Equal Opportunity Employer and complies with all applicable laws and regulations. Qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability or protected veteran status. If you would like more information on your EEO rights under the law, please [Link available when viewing the job].