What are the responsibilities and job description for the Associate Security Analyst, Risk and Security position at Press Ganey?
Company Description
PG Forsta is the leading experience measurement, data analytics, and insights provider for complex industries—a status we earned over decades of deep partnership with clients to help them understand and meet the needs of their key stakeholders. Our earliest roots are in U.S. healthcare –perhaps the most complex of all industries. Today we serve clients around the globe in every industry to help them improve the Human Experiences at the heart of their business. We serve our clients through an unparalleled offering that combines technology, data, and expertise to enable them to pinpoint and prioritize opportunities, accelerate improvement efforts and build lifetime loyalty among their customers and employees.
Like all great companies, our success is a function of our people and our culture. Our employees have world-class talent, a collaborative work ethic, and a passion for the work that have earned us trusted advisor status among the world’s most recognized brands. As a member of the team, you will help us create value for our clients, you will make us better through your contribution to the work and your voice in the process. Ours is a path of learning and continuous improvement; team efforts chart the course for corporate success.
Our Mission
We empower organizations to deliver the best experiences. With industry expertise and technology, we turn data into insights that drive innovation and action.
Our Values
To put Human Experience at the heart of organizations so every person can be seen and understood.
The Associate Security Analyst, Risk and Security is an individual contributor in PG Forsta's Risk and Security team and is responsible for reviewing and auditing controls that manage information risk and security. The duties of each member of the security team can fluctuate based on needs and risks, but this analyst will be primarily responsible for ensuring that the organization's security practices remain in compliance with all internal policies, pertinent laws and regulations, and client commitments. While this is not a primarily technical role, the analyst is expected to understand information security practices and technologies from an audit and compliance perspective.
All analysts in the Risk and Security team are expected to contribute to the design, implementation, and governance of security policies and apply this knowledge to answering questions from internal teams, clients and auditors. Additionally, questions related to technologies, solutions, and processes that secure corporate applications, data, computers, and networks is answered based on documentations provided to the Risk and Security team. As a contributor to the team, this analyst will be expected to stay informed of information security practices, changes to the company environment and act as a trusted subject matter expert for the team.
The Associate Security Analyst, Risk and Security is responsible for:
This position will have no direct reports.
Auditing and Internal Controls Monitoring
High School Diploma or equivalent.
The expected base salary for this position ranges from $54,000 to $70,000. It is not typical for offers to be made at or near the top of the range. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, licensure or certifications obtained. Market and organizational factors are also considered. In addition to base salary and a competitive benefits package, successful candidates are eligible to receive a discretionary bonus or commission tied to achieved results.
Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At Press Ganey we are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.
Additional Information For US Based Jobs
Press Ganey Associates LLC is an Equal Employment Opportunity/Affirmative Action employer and well committed to a diverse workforce. We do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, veteran status, and basis of disability or any other federal, state, or local protected class.
Pay Transparency Non-Discrimination Notice – Press Ganey will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
All your information will be kept confidential according to EEO guidelines.
Our privacy policy can be found here: https://www.pressganey.com/legal-privacy/
PG Forsta is the leading experience measurement, data analytics, and insights provider for complex industries—a status we earned over decades of deep partnership with clients to help them understand and meet the needs of their key stakeholders. Our earliest roots are in U.S. healthcare –perhaps the most complex of all industries. Today we serve clients around the globe in every industry to help them improve the Human Experiences at the heart of their business. We serve our clients through an unparalleled offering that combines technology, data, and expertise to enable them to pinpoint and prioritize opportunities, accelerate improvement efforts and build lifetime loyalty among their customers and employees.
Like all great companies, our success is a function of our people and our culture. Our employees have world-class talent, a collaborative work ethic, and a passion for the work that have earned us trusted advisor status among the world’s most recognized brands. As a member of the team, you will help us create value for our clients, you will make us better through your contribution to the work and your voice in the process. Ours is a path of learning and continuous improvement; team efforts chart the course for corporate success.
Our Mission
We empower organizations to deliver the best experiences. With industry expertise and technology, we turn data into insights that drive innovation and action.
Our Values
To put Human Experience at the heart of organizations so every person can be seen and understood.
- Energize the customer relationship: Our clients are our partners. We make their goals our own, working side by side to turn challenges into solutions.
- Success starts with me: Personal ownership fuels collective success. We each play our part and empower our teammates to do the same.
- Commit to learning: Every win is a springboard. Every hurdle is a lesson. We use each experience as an opportunity to grow.
- Dare to innovate: We challenge the status quo with creativity and innovation as our true north.
- Better together: We check our egos at the door. We work together, so we win together.
The Associate Security Analyst, Risk and Security is an individual contributor in PG Forsta's Risk and Security team and is responsible for reviewing and auditing controls that manage information risk and security. The duties of each member of the security team can fluctuate based on needs and risks, but this analyst will be primarily responsible for ensuring that the organization's security practices remain in compliance with all internal policies, pertinent laws and regulations, and client commitments. While this is not a primarily technical role, the analyst is expected to understand information security practices and technologies from an audit and compliance perspective.
All analysts in the Risk and Security team are expected to contribute to the design, implementation, and governance of security policies and apply this knowledge to answering questions from internal teams, clients and auditors. Additionally, questions related to technologies, solutions, and processes that secure corporate applications, data, computers, and networks is answered based on documentations provided to the Risk and Security team. As a contributor to the team, this analyst will be expected to stay informed of information security practices, changes to the company environment and act as a trusted subject matter expert for the team.
The Associate Security Analyst, Risk and Security is responsible for:
- Requesting, submitting and filing artifacts related to the completion of third-party audits including, but not limited to HITRUST CSF, SOC 2, ISO 27001, FedRAMP, TX-RAMP and contractually required frameworks
- Responding to requests for information about the PG Forsta security program and the security of PG Forsta’s products
- Evaluating the security of PG Forsta vendors as part of the third-party risk management program.
This position will have no direct reports.
Auditing and Internal Controls Monitoring
- Work with external auditors to interpret audit requests into actionable requests and provide responses.
- Collect and review evidence of technical control implementation and report on deficiencies and control failure.
- Communicate significant control and compliance risk to management
- Identify opportunities for improvement in response and evidence collection by consolidating audit requirements.
- Identifying areas that would support automating evidence collection
- Supporting an ongoing audit-friendly culture.
- Collect and update information in the organization’s Risk and Security knowledge repositories.
- Respond to requests for information about PG Forsta’s security program and Risk and Security topics related to the organization’s products
- Collect information and provide responses to risk and security topics related to the work they perform.
- Monitor and audit people, processes, and technology to ensure compliance with approved policies.
- Complete tasks associated with internal controls monitoring and report on collection difficulties or and escalate to management as appropriate.
- Assist with the documentation of computer security and emergency measures policies, procedures, and tests.
- Work with Legal, Technology, and other business partners to communicate, translate and maintain controls that protect data and appropriately manage its lifecycle.
- Identify and communicate risks relating to PG Forsta data, systems, and personnel as discovered.
High School Diploma or equivalent.
The expected base salary for this position ranges from $54,000 to $70,000. It is not typical for offers to be made at or near the top of the range. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, licensure or certifications obtained. Market and organizational factors are also considered. In addition to base salary and a competitive benefits package, successful candidates are eligible to receive a discretionary bonus or commission tied to achieved results.
Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At Press Ganey we are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.
Additional Information For US Based Jobs
Press Ganey Associates LLC is an Equal Employment Opportunity/Affirmative Action employer and well committed to a diverse workforce. We do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, veteran status, and basis of disability or any other federal, state, or local protected class.
Pay Transparency Non-Discrimination Notice – Press Ganey will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
All your information will be kept confidential according to EEO guidelines.
Our privacy policy can be found here: https://www.pressganey.com/legal-privacy/
Salary : $54,000 - $70,000
