Information Security GRC Analyst III

Job Summary:

The Information Security GRC Analyst III manages day to day, short and long term Information Technology (IT) compliance and information security risks, and ensures activities are within risk tolerance and in compliance with approved risk management policies, procedures and limits.

Essential Functions:

• Collaborate with Corporate Compliance team to manage, gather, track, and provide IT responses for external audits
• Review and report on IT Compliance activities and progress toward goals
• Engage IT staff and/or vendors to address corrective action plans (CAPs) and remediate audit observations and findings.  
• Lead IT staff in developing management responses to internal audit observations, and secure approval from IT leadership.
• Monitor and report on IT-related CAPs and remediation efforts to ensure timely execution
• Engage employees in the management of information security risk and compliance, and ensure they are aware of their accountabilities with regard to information security risk management and compliance
• Lead Information Security staff in updating policies, procedures, and handbook documents to address evolving compliance requirements.
• Regularly assess and report to management any exceptions to information security policies, procedures, and limits
• Contribute and provide input to the development of operational department goals
• Acts as technical expert in functional domain
• Recommends technical advancements to improve CareSource customer and partner experiences
• Perform any other job related instructions as requested

Education and Experience:

• Bachelor Degree or equivalent years of relevant work experience required
• Minimum of seven (7) years of relevant work experience is required

Competencies, Knowledge and Skills:

• Ability to effectively prioritize and execute tasks while working both independently and in a team-oriented, collaborative environment
• Strong interpersonal skills including excellent written and verbal communication skills; listening and critical thinking; presentation skills, facilitation skills
• Ability to establish effective working relationships with stakeholders at all different levels
• Flexibility during organizational and/or business changes
• Ability to manage multiple projects while demonstrating a sense of urgency
• Effective problem-solving skills with attention to detail
• Working technical knowledge/experience of the following:
  • IT Audit
  • Application, server, and network security
  • Monitoring security events and supporting incident response activities
  • Sarbanes-Oxley (SOX) compliance
  • Microsoft Office
  • Access Management/Authentication and Authorization
  • Scurity Monitoring
  • Data Enryption
  • Computer Networking
  • Security Internet protocols (SSL, IPSEC, TCP/IP)
  • Windows Operating System
  • Project Management

Licensure and Certification:

• Certified in Risk and Information System Control (CRISC) or System Security Certified Practitioner (SSCP) preferred

Working Conditions:

• General office environment; may be required to sit or stand for extended periods of time

Compensation Range:

CareSource takes into consideration a combination of a candidate’s education, training, and experience as well as the position’s scope and complexity, the discretion and latitude required for the role, and other external and internal data when establishing a salary level. In addition to base compensation, you may qualify for a bonus tied to company and individual performance. We are highly invested in every employee’s total well-being and offer a substantial and comprehensive total rewards package.

Compensation Type (hourly/salary):

Organization Level Competencies

• Create an Inclusive Environment

• Cultivate Partnerships

• Develop Self and Others

• Drive Execution

• Influence Others

• Pursue Personal Excellence

• Understand the Business

This job description is not all inclusive. CareSource reserves the right to amend this job description at any time. CareSource is an Equal Opportunity Employer. We are dedicated to fostering an inclusive environment that welcomes and supports individuals of all backgrounds.