Dishwasher - Public School 404, Atlanta

Trustmark

Oakland, IA
Full Time
Paid
  • Responsibilities

    SUMMARY OF OVERALL PURPOSE

     

    POSITION OVERVIEW:  Our IT team is growing and currently looking for a SR GOVERNANCE, RISK & COMPLIANCE ANALYST.  In this role, you’ll be responsible for the daily execution, facilitation, and coordination of activities for Health Benefits’ Information Security Program.  You’ll conduct risk management by evaluating current conditions, systems and practices within IT and across the enterprise to inform the IS Dashboard and as appropriate develop and maintain effective practices to identify, document, isolate, deter, defend against threats and orchestrate remediation efforts. 

     

    The role of the Sr GRC Analyst is to work with key business units to drive the design, implementation, operation, and remediation activities of industry accepted control frameworks (NIST CSF, HITRUST, COBIT, etc.) in support of established policies, standards, and regulatory requirements.  In this role, you will provide controls subject matter expertise, guidance, and internal consultancy to business partners, including IT.  You’ll work closely with IS leadership to help ensure the organization is applying the appropriate security controls as determined by the IS strategy.

     

    RESPONSIBILITIES:

    • Owns overall responsibility for Trustmark's InfoSec Compliance Integrated Framework and ensuring that policies and processes are aligned to the framework and meeting regulatory and contractual requirements.
    • Expertly reviews, analyzes, and makes recommendations for information security risk; driving improvements to business and IT operational processes. Includes research into current information security and privacy best practices in the context of business and IT processes, working with organization-wide groups to implement critical risk reductions.
    • Coordinates with external and internal auditors and system-wide stakeholders, providing points of contact as well as facilitating the creation and delivery of data call items and other forms of evidence for efforts that carry substantial consequences of success or failure. Ensures critical applications and supporting infrastructure adhere to security policies and standards by executing compliance checks and periodic reviews. Includes maintaining compliance documentation, internal reporting, creation of technical compliance controls, and gap assessment.
    • Provides internal consultative and partnership support to IT and other staff to develop secure processes and technology in compliance with HIPAA, Centers for Medicare & Medicaid Services (CMS) Information Security Acceptable Risk Safeguards (ARS), NIST Cybersecurity Framework, and any other related programs.
    • Leads and completes risk analysis for both onsite, written or verbal assessments, with the assistance of the business, ensuring consistent execution.
    • Owns, liaises, coordinates and engages with external and internal stakeholders on all IT audit and security assessment activities, and ensures facilitation with all stakeholders on the preparation and presentation of appropriate examination materials.
    • Creates and drives the format for the consultation to IT and technology service owners with gold standard technical baselining, including but not limited to NIST CSF security framework.
    • Provides thought leadership on topics and key issues for information security awareness.
    • Collaborates across IT departments to identify, administer, analyze, and solve critical security problems, as well as operationalize lessons learned into existing or new technological controls, solutions, processes, procedures, knowledge articles.
    • Provides in-depth subject matter expertise regarding regulatory efforts, technology compliance requirements and alignment of work being done by other Trustmark projects and teams with InfoSec policies and controls.
    • Is the primary security resource that plays a key collaborative, influencing and consultative role in system, network and data protection and secure system engineering lifecycle.
    • Applies knowledge and skills in their own discipline to complete a wide range of tasks. Identifies key issues from conflicting or partial information.
    • Serves as point of contact to solve complex problems by means of systematic and disciplined troubleshooting.
    • Guides security administrators, analysts and IT staff in the resolution of complex security incidents.
    • Helps lead security investigations as incident response coordinator.
    • Provides thought leadership on information security operations and best practices.

     

    KEY ACCOUNTABILITIES (Percentage of Time)

    • 20%: Owns overall responsibility for Trustmark's InfoSec Compliance Integrated Framework
    • 20%: Expertly reviews, analyzes, and makes recommendations for information security risk
    • 20%: Coordinates with external and internal auditors and system-wide stakeholders
    • 20%: Partnership support to IT and other staff to develop secure processes and technology
    • 20%: Leads and completes risk analysis for both onsite, written or verbal assessments

    TOTAL = 100%

    SUPERVISORY RESPONSIBILITIES

     

    DIRECT REPORTS: 0

    INDIRECT REPORTS: 0

    This is an individual contributor role.

    EDUCATION AND EXPERIENCE

    MINIMUM REQUIREMENTS

    PREFERRED

    • Strong intellectual curiosity

    • Bachelor’s Degree and 6+ years of related experience OR High School Diploma/GED with 8+ years of related experience.

    • Knowledge of HIPAA Security Rule, NYSDFS, and other federal and state security laws.

    • Strong, effective communication skills, both verbal and written

    • Ability to interact with and present to senior leaders both in IT and across the organization

    • Prior experience with program/project planning, development, and management methodologies

    • Certifications such as CISSP, CRISC, CISA, SANS, CTPRP/CTPRA, etc.

     

  • Qualifications

    Required Skills:

    • Job related experience for 3 year(s) minimum.
    • Advanced user of technology including computers, tablets, software. 
    • Experience with teaching on adult learning methods, skills and techniques. 
    • Experience developing content using Microsoft Office and other content development tools. 
    • Experience using and supporting learning management and content management systems. 
    • Ability to identify, organize and administrate local training grant opportunities. 
    • Ability to communicate with associates at all levels of the organization. 
    • Excellent planning and organization skills. 
    • Excellent presentation, oral and written communication skills. 
    • Excellent customer service skills.
    • Self-motivation with the ability to work independently.
    • Personal integrity, confidence, and enthusiasm.
    • Must follow company policies, procedures, practices, and standards of conduct. 
    • Must maintain professional competence, ethical integrity, knowledge, and skills.
    • Bilingual – Spanish/Chinese would be a plus
    • Bachelor’s degree in business management, or related field or the equivalent industry experience, knowledge and operational skills acquired through working.
    • Work is generally performed within a manufacturing environment subjected to temperatures of cold and warm along with wearing the proper PPE, with standard office equipment available along with plant manufacturing environment.
    • While performing the duties of this job, the employee is regularly required to sit, stand, bend, walk, use hands or fingers, talk, hear, feel objects, tools, or controls; may be required to lift up to 50 pounds. Vision abilities include close vision to a computer screen.

    OSI Industries is an Equal Employment Opportunity employer that believes everyone has the right to be treated with dignity and respect. OSI does not discriminate on the basis of national origin, gender, race, color, religion, pregnancy, gender identity, sexual orientation, protected veteran status, disability, or any other characteristic protected by applicable law.  All applicants will receive consideration for employment based on merit, qualifications and business needs. OSI participates in the E-Verify program.