Be part of a team that unleashes the power of leading-edge technologies to help improve the health and well-being of those most vulnerable in our country and communities. You’ll have an incredible opportunity to grow your career in a company that values work flexibility, learning, and career development. You’ll add to your technical credentials and certifications while enjoying a generous, flexible vacation policy and educational assistance. We also have comprehensive leadership and technical development academies to help build your skills and capabilities.
Summary
As a Cyber Security Assessment Advisor, you can contribute your skills as we harness the power of technology to help our clients improve the health and well-being of the members they serve — a community’s most vulnerable. Connect your passion with purpose, teaming with people who thrive on finding innovative solutions to some of healthcare’s biggest challenges. The Risk Assessor is the tip of the spear for audit and compliance activity. This role works in direct alignment with the account’s Information Security Leader as the compliance arm of cyber security. Here are the details on this position.
Your role in our mission
Take charge and focus on how we can meet critical needs to help clients deliver better health and human services outcomes.
- Perform hands-on technical cyber audits and risk assessments (NIST 800-53 r5, HIPAA, SOC2, MARS-E) as an individual contributor from audit kickoff to delivery of the metrics and reporting.
- Deliver polished, concise reporting in the form of crisp PowerPoint presentations that resonate with executive leaders.
- Excellent communication skills and the ability to quickly deliver a clear message on risk and compliance to control performers, managers, and executives.
- Serve as SME and advisor on audit and compliance readiness matters across the company and at every level of staff and management.
- Interface directly and indirectly with external and internal auditors and assessors to advise Gainwell staff on compliance reporting requirements.
- Demonstrate your knowledge as SME and liaison for clients and internally between technical and non-technical workers to transform regulations and controls into language they understand.
What we’re looking for
- A minimum of 7+ years of experience in the field of Information Security, with a minimum of 5 years’ prior experience working as an Auditor in a reputed Information Security or Auditing firm.
- A minimum of 7 years performing hands-on Information Security Risk Assessment or IT audit (SOC1, SOC2, MARS-E, NIST, HIPAA, etc.) in healthcare, financial services or IT services preferred.
- Extensive research and advisory background in assessing the current and future impact on compliance posture and advising management with roadmap planning.
- Prior experience interacting with regulators (such as PCAOB and other inspections), external auditors, and internal auditors in supporting and defending audit positions.
- Extensive experience using Microsoft Office for data analysis and word processing/presentation software to develop plans, procedures, and reports.
- Substantial prior exposure to data processing, hardware platforms, enterprise software applications and outsourced systems including a good understanding of computer systems characteristics, features and integration capabilities.
What you should expect in this role
- This role is 100% remote with up to 20% travel possible.