Evergreen Nephrology · 16 hours ago
Senior Analyst, Governance, Risk and Compliance
Health Care · Medical
Responsibilities
Develop a strong understanding of Evergreen’s business processes to better support information security and GRC initiatives.
Lead the assessment and management of risks across Evergreen and Joint Venture partners, including conducting risk assessments, identifying gaps, and developing mitigation plans.
Develop and implement comprehensive GRC strategies, policies, and standard operating procedures to ensure regulatory compliance and alignment with industry best practices.
Proactively identify security risks and vulnerabilities while eliminating cybersecurity threats via stakeholder interviews, documentation review, and deep dive testing and control validation.
Work with Information Security Team to optimize and monitor security tools including email gateways, DLP, CASB, centralized logging, and vulnerability management.
Ensure robust security measures through system and device hardening and vulnerability management.
Establish a risk-based approach to Third Party Risk Management that ensures risk management activity is commensurate with the level of risk applicable for a given third party.
Conduct security risk assessments, including third-party risk assessments, to evaluate security posture and compliance with HITRUST and the HIPAA privacy and security rules.
Own the cyber risk register, working with risk owners to assess and remediate identified risks.
Draft, update, and maintain security policies, standard operating procedures, and system documentation.
Work with the Director and Sr. Director of Information Security to support security policy management, issue tracking, and risk exception handling.
Collaborate with Director of Security on the development and implementation of security awareness trainings and phishing campaigns, collecting data for analysis and improving security posture.
Develop and track security metrics and KPIs to measure the effectiveness of security controls, risk mitigation efforts, and compliance initiatives.
Drive continuous improvement efforts by identifying opportunities for enhancing security governance, risk management, and compliance practices.
Provide guidance and training to Team Members on GRC policies, procedures, and best practices.
Communicate risk assessment findings and recommendations clearly to stakeholders at all levels.
Regular and reliable attendance.
Other duties as assigned.
Qualification
Required
Bachelor's Degree (BA/BS) from a 4-year college or university in Computer Science, Information Technology, or a related field
Five (5) years of experience in risk management, GRC, IT compliance, or IT audit, with significant experience working in healthcare
Demonstrated experience working with HITRUST, HIPAA, NIST and CIS frameworks and regulations
Deep understanding of risk and compliance frameworks (HIPAA, NIST, HITRUST, SOC2) and hands-on experience with Microsoft Azure security and compliance features e.g. Purview, Insider Risk Management and Data Loss Prevention
Technical leader with an understanding of cloud technologies, infrastructure, network, and mobile security
Strong project management skills with the ability to prioritize and manage multiple initiatives
Excellent communication and interpersonal skills for effective collaboration with cross-functional teams
Analytical skills with high attention to detail, demonstrated problem-solving capabilities, and the ability to produce clear documentation
Intermediate skills with MS Office Suite of products including Outlook and Teams
Ability to work effectively in a primarily remote environment with minimum internet speed requirements
Preferred
CISSP, CISM, CISA Certifications
Bachelor's Degree (BA/BS) from a 4-year college or university in Computer Science, Information Technology, or a related field preferred
Benefits
Paid time off starting at four weeks for full-time employees
12 paid holidays per year
Reimbursement for continuing medical education
401k with match
Health, dental, and vision insurance
Paid parental leave
Company
Evergreen Nephrology
Evergreen helps nephrologists focus on the right patients at the right time across the full care spectrum.
Funding
Current Stage: Growth Stage
Total Funding: $4.33M
2022-06-06 · Seed · $4.33M
Recent News
2024-10-22 · Nashville Post
2024-05-04 · Citizen Tribune
2024-05-04
Company data provided by crunchbase