Sr. Staff Compliance Analyst
Company: eHealth
Location: Santa Clara
Posted on: May 14, 2022
Job Description:
Get your career started at eHealth

eHealthInsurance has many exciting career opportunities in a number of locations, across various functions. Come join us today!

Senior Staff GRC Compliance Analyst

We're looking for a versatile and curious Governance, Risk, and Compliance (GRC) professional passionate about the people, processes, and technology that enable eHealth to achieve its mission. Your expertise will drive improvements to processes and procedures that empower sound decision-making. Your interpersonal skills will help foster a risk-aware culture throughout the company.

Compliance is a crucial pillar supporting our overall information security program. Your mission is to work with stakeholders across IT, Technical Operations, Engineering, Compliance, Legal, and HR to lead the implementation of the company's technical compliance program. As an individual contributor, you will report to the Chief Information Security Officer, assessing, evaluating, and making recommendations to management and stakeholders regarding implementing security controls aligned with SOC-2 and eHealth's Risk Management program.

Primary Responsibilities:
- Manage and support audit engagements (e.g., SOC 2, SOX, PCI-DSS, HITRUST) and the audit request lists, and ensure requests are being fulfilled by stakeholder management; participate in internal/external audits as it relates to evidencing control management practices; assist the business to document, assess, and remediate any issues and risks raised during audit examinations and risk assessments
- Coordinate and collate required evidence for external and internal audit support; manage the control and process libraries and assist the business in implementing internal controls
- Assist with compliance maturity for eHealth: assist in management of security policies and standards; identify control gaps and perform controls monitoring; develop metrics to report to management
- Assist the Compliance team with GRC tool administration and configuration
- Address awareness and training for all compliance stakeholders

Along with your strong customer service mindset, you will partner with eHealth departments and our supply chain partners to recommend compliance solutions. You will evaluate the status of complex projects and identify and implement appropriate corrective measures to resolve issues as they arise.

Required Qualifications:
- A Bachelor's degree in a technical/security field or a non-technical degree with a combination of compliance-related work experience
- At least 5 years of experience working with the following frameworks: SOC 2 & PCI-DSS
- Demonstrated experience with information security risk, governance, and control frameworks and/or regulatory requirements including SOC-2, SOX, PCI-DSS, CIS, NIST, HIPAA, & Privacy
- Experience working with a GRC tool
- Proven ability to provide constructive challenge to the business and ensure risks are assessed adequately and addressed appropriately
- Strong written and verbal communication skills; able to foster a collaborative working relationship with stakeholders in a fast-paced, team-oriented environment

Bonus Points if:
- You understand the value of usability and buy-in when it comes to security policy and practices
- Passion for efficiency
- An innovative and entrepreneurial spirit

You'll be part of a team that works toward shared goals with an open-minded and cohesive team. We're passionate about growing a diverse and inclusive team at eHealth because it makes us a stronger company and stronger together. We're committed to creating an inclusive space for everyone, no matter what.

eHealth is an Equal Employment Opportunity employer. It is our policy to provide equal opportunity to all employees and applicants and to prohibit any discrimination because of race, color, religion, sex, national origin, age, marital status, sexual orientation, genetic information, disability, protected veteran status, or any other consideration made unlawful by applicable federal, state or local laws. The foundation of these policies is our commitment to treat everyone fairly and equally and to have a bias-free work environment.

If you are interested in applying for employment with eHealth and need special assistance or an accommodation to apply for a posted position contact us at: .