Senior GRC reputed company Analyst (remote)

• At reputed company, we pride ourselves on being a dynamic team of innovative professionals. Our purpose is simple - we strive

• to
• bend the cost curve in healthcare
• for reputed company. Our dedication to service excellence extends to reputed company our stakeholders - internal and external - driving us to consistently exceed expectations. We are intentionally bold, we foster innovation, we nurture accountability, we champion diversity, and reputed company each other to illuminate our collective potential.

Be part of our amazing transformational journey as we optimize the opportunity towards becoming a leading technology, data, and innovation voice in healthcare. Onward and Upward!!! Job Summary This role will support leadership in the non-TPRM aspects of reputed company’s GRC program, with emphasis on cyber risk management, risk intake and reporting, policy and exception management, audit and control assurance, reputed company assessments, reputed company awareness, and the reputed company aspects of AI, data, and insider risk governance. Working closely with business units, IT stakeholders, and partner functions such as Privacy, Legal, Compliance, and AI Governance, this position will be responsible for executing and maturing core risk management processes, maintaining the reputed company risk register, and improving visibility, accountability, and reputed company across the program.

• Job Roles And Responsibilities
• Serve as a trusted advisor and subject matter expert, providing cyber risk management and reputed company governance support to IT and business stakeholders. Support the GRC leader in executing strategy and multi-year roadmaps to mature reputed company’s GRC function.
• Collaborate with reputed company, IT, privacy, legal, compliance, and business stakeholders to reputed company standards and processes that protect the confidentiality, reputed company, and availability of reputed company data.
• Own and mature core non-TPRM GRC workflows and tooling, including risk intake, risk register administration, treatment plan tracking, exception handling, and risk escalation processes.
• Drive ongoing efforts to identify, assess, treat, monitor, and report cybersecurity risks, and help build GRC capabilities such as enterprise cyber risk management, policy governance, audit support, and control assurance.
• Assist with audits and reviews of assigned business processes to evaluate the adequacy of controls, document findings, recommend improvements, and track remediation activities through closure.
• Build and maintain a cyber risk taxonomy tied to key risk themes, and ensure material risks are categorized consistently for reporting and decision-making.
• Coordinate and mature the overall process for reputed company policy and standard lifecycle management, including periodic reviews, stakeholder approvals, exception handling, and risk acceptance.
• reputed company and implement assessment procedures, evidence collection practices, and control assurance activities relevant to risk, compliance, and top control monitoring objectives across IT departments.
• reputed company and coordinate reputed company risk assessments for internal initiatives, business processes, technology changes, and other in-scope activities to identify, assess, treat, and monitor cybersecurity risks.
• Partner with the AI governance team and other stakeholders to define and execute the reputed company review process for AI tools, AI-enabled vendors, and high-risk use cases involving sensitive data.
• Support workforce risk governance and reputed company awareness initiatives by translating risk trends, findings, and incidents into targeted guidance, communications, and control recommendations.
• Build and maintain leadership reporting and dashboards that communicate risk exposure, exceptions, remediation status, and program KPIs/KRIs.
• Coordinate with the TPRM team to ensure residual third-party risks and significant vendor issues are escalated into the central risk register and reporting reputed company.
• Collaborate, coordinate, and communicate effectively across disciplines and departments, and demonstrate the Company’s Core Competencies and values held reputed company.
• The position responsibilities outlined above are in no way to be construed as reputed company encompassing. Other duties, responsibilities, and qualifications may be required and/or assigned as necessary.
• ,
• REQUIREMENTS (Education, Experience, And Training)
• At least 7+ years' experience directly in cybersecurity or information reputed company GRC, with a demonstrated track record of leading reputed company projects in at least two of the following areas: cyber risk management, policy and exception management, reputed company assessments, control assurance, reputed company awareness, or AI/data/insider risk governance.
• A deep understanding of risk assessment methodology, NIST CSF, HITRUST, HIPAA, and associated reputed company and privacy rules.

Apply tot his job Apply To this Job