Security Analyst, Senior
Grand Rapids, Michigan
- Develops, implements, and maintains IT Compliance controls; reviews existing IT compliance controls for regulatory updates and performs the necessary gap analysis; creates and maintains various internal and external audit and compliance schedules for Information Security Services.
- Reviews, documents, evaluates, and tests manual and automated computer controls throughout the corporate IT environment; develops and implements testing methodologies for application development, IT infrastructure, security, and availability; designs and executes compliance tests for IT systems and coordinates required remediation.
- Assists with risk assessments on business and operational processes, procedures, and policies; interprets audit results and makes conclusions on the adequacy and reliability of controls; prepares and presents reports as necessary
- Prioritizes and controls projects based on severity of risk and non-compliance; communicates control strengths and weaknesses to internal audit and compliance and collaborates with internal audit to develop migration plans.
- Designs and enhances for internal controls such as segregation of duties, production change management, software management, security, incident handling, and transmission integrity; assists internal audit team and serves as a liaison with external auditors to facilitate auditing process.
- Designs audit/compliance programs to ensure ongoing evaluation and validation of ITGC control effectiveness; performs other duties as assigned.
- Ensures that processes and reviews are managed within the GRC Tool.
- Knowledge of process improvement and project management methodologies
- Knowledge of various applications and uses of health information technology
- Strong analytical and decision making skills
- Excellent verbal, written, and diplomacy skills
- Effectively influences and guides others across various organizational structures using strong interpersonal skills
- Ability to manage and collaborate with multidisciplinary teams
- Ability to effectively prioritize and execute tasks in a high-pressure environment is crucial
- Ability to decipher and apply knowledge of regulatory/accreditation requirements
- Ability to prioritize and work on multiple projects under time constraints
- Ability to adapt to shifting priorities, demands, and timelines through analytical and problem-solving capabilities
- Ability to work independently as well as in a team environment including multi-level staff and external partners
- Strong orientation toward high standards for customer service
- Education and experience equivalent to:
- Bachelor's degree, Certified Information Systems Auditor (CISA) preferred; supplemented with five (5) years of experience in and Information Technology position.