Ascension Health GRC Specialist in St Louis, Missouri
We Are Hiring
Technical Engineering Specialist - Business Management Admin - FT Days - Remote Employee
Why Join Ascension?
Ascension Technologies is one of the nation’s largest healthcare information technology services organizations.We provide Ascension and its subsidiaries low-cost, high-value IT infrastructure and software application services that:•Support rapid and effective clinical decision making•Improve efficiency and care transitions•Foster information sharing across the continuum of care•Make knowledge and data actionable, leading to improved patient outcomes
What You Will Do
The GRC Specialist provides technical expertise and leadership in one or more information technology disciplines to support the organization's technical infrastructure, governance, risk management, and compliance. Mentors less experienced staff with responsibility for their technical development. The GRC Specialist will be responsible for reviewing and drafting policies, procedures, standards and understanding the responsibilities that relate to the controls. The GRC Specialist will perform analytics, manage remediation items, and report on overall progress and compliance health of projects that have been assigned. This position will be responsible for tracking and communicating on timely remediation. This position will be responsible for maintaining a continuous process improvement work environment while working with security assessment and audits in accordance with industry standards and best practices.
Partner with IT functional areas to support organization in accordance with internal controls, industry standards, regulations, and best practices.
Liaison between Audit and IT groups through entire audit life cycle.
Assist with identifying, developing, and communicating policy, standards and procedures across IT groups.
Document and provide evidence of remediation.
Manage multiple remediation projects spread across the nation.
Write and maintain policy, standard, and procedure documents and track the sign-off, ongoing maintenance, and annual review process.
Analyze and prepare monthly reports around GRC Metrics and effectiveness testing relating to the ongoing measurement.
Assess, evaluate, and make recommendations regarding the adequacy of the infrastructure controls with respect to the security, confidentiality, integrity, and availability.
Detailed analysis of current work process and governance in accordance with regulations such as PCI, HIPAA, current governance and NIST best practices.
What You Will Need
- Bachelor's degree preferred or equivalent experience.
Tenyears of experience preferred.
5 or more years experience preferred within a GRC role working with information security frameworks and standards including HITRUST, ISO 27001, COBIT, NIST Cyber Security Framework, Payment Card Industry Data Security Standards (PCI DSS).
5 or more years experience preferred working with all phases of audit life cycle in IT Auditor Role or GRC Audit Liaison role
Ability to use critical judgment to make decisions and solve problems involving various levels of complexity, ambiguity, and risk.
Strong analytical skills and attention to detail.
Poweruser of Tableau, Visio, SharePoint, and O365 preferred.
Exceptional written, verbal, listening, and interpersonal skills.
Equal Employment Opportunity
Ascension Technologiesis an EEO/AA Employer M/F/Disability/Vet. Please click the link below for more information.
EEO is the Law Poster Supplement
Ascension Technologies participates in the Electronic Employment Verification Program. Please click the E-Verify link below for more information.
E-Verify (link to E-verify site)