Sr. Staff Compliance Analyst

Company: eHealth
Location: Santa Clara
Posted on: May 14, 2022

Job Description:

Get your career started at eHealtheHealthInsurance has many exciting career opportunities in a number of locations, across various functions. Come join us today!Senior Staff GRC Compliance AnalystWe're looking for a versatile and curious Governance, Risk, and Compliance (GRC) professional passionate about the people, processes, and technology that enable eHealth to achieve its mission. Your expertise will drive improvements to processes and procedures that empower sound decision-making. Your interpersonal skills will help foster a risk-aware culture throughout the company.Compliance is a crucial pillar supporting our overall information security program. Your mission is to work with stakeholders across IT, Technical Operations, Engineering, Compliance, Legal, and HR to lead the implementation of the company's technical compliance program. As an individual contributor, you will report to the Chief Information Security Officer, assessing, evaluating, and making recommendations to management and stakeholders regarding implementing security controls aligned with SOC-2 and eHealth's Risk Management program.Primary Responsibilities:Manage and support audit engagements (e.g., SOC 2, SOX, PCI-DSS, HITRUST), the audit request lists and ensure requests are being fulfilled by stakeholder management;participate in internal/external audits as it relates to evidencing control management practicesassist the business to document, assess, remediate any issues and risks raised during audit examinations and risk assessmentsCoordinate and collate required evidence for external and internal audit support; manage the control and process libraries and assist the business in implementing internal controlsAssist with compliance maturity for eHealth:assist in management of security policies and standards; identify control gaps and perform controls monitoring; develop metrics to report to managementAssist the Compliance team with GRC tool administration and configurationAddress awareness and training for all compliance stakeholders. Along with your strong customer service mindset, you will partner with eHealth departments and our supply chain partners to recommend compliance solutions. You will evaluate the status of complex projects and identify and implement appropriate corrective measures to resolve issues as they arise.Required Qualifications:A Bachelor's degree in a technical/security field or a non-technical degree with combination of compliance-related work experienceAt least 5 years of experience working with the following frameworks: SOC 2 & PCI-DSSDemonstrated experience with information security risk, governance, and control frameworks and/or regulatory requirements including SOC-2., SOX, PCI-DSS, CIS, NIST, HIPAA, & PrivacyExperience working with a GRC toolproven ability to provide constructive challenge to the business and ensure risks are assessed adequately and addressed appropriatelystrong written and verbal communication skills; able to foster a collaborative working relationship with stakeholders in a fast-paced, team-oriented environmentBonus Points ifYou understanding the value of usability and buy-in when it comes to security policy and practicesPassion for efficiencyAn innovative and entrepreneurial spiritYou'll be part of a team that works toward shared goals with an open-minded and cohesive team. We're passionate about growing a diverse and inclusive team at eHealth because it makes us a stronger company and stronger together. We're committed to creating an inclusive space for everyone, no matter what.eHealth is an Equal Employment Opportunity employer. It is our policy to provide equal opportunity to all employees and applicants and to prohibit any discrimination because of race, color, religion, sex, national origin, age, marital status, sexual orientation, genetic information, disability, protected veteran status, or any other consideration made unlawful by applicable federal, state or local laws. The foundation of these policies is our commitment to treat everyone fairly and equally and to have a bias-free work environment.If you are interested in applying for employment with eHealth and need special assistance or an accommodation to apply for a posted position contact us at: .

Keywords: eHealth, Santa Clara , Sr. Staff Compliance Analyst, Professions , Santa Clara, California