IT Security Specialist / Compliance/ Governance Analyst

Title: IT Security Specialist / Compliance/ Governance Analyst

Work Location: Detroit, MI, 48226

Duration: 5 Months

Job Type: Contract

Work Type: Onsite

Dept: EIS Purchased Services

Pay rate: $44-$44/hr

Overview:

TekWissen is a global workforce management provider headquartered in Ann Arbor, Michigan that offers strategic talent solutions to our clients world-wide. Our client is a health insurance company. It offers different types of health care coverage plans that include individual and family, dental and vision, plans for employers, etc.

Job Description:

• The EIS Compliance/Governance Analyst will be responsible for assisting in the responsibilities of executing the security framework compliance/governance activities and requirements for the client.
• Day-to-day responsibilities will also include documenting adherence to governance requirements across policies/standards, procedures, controls, compliance, training and awareness, and preparing metrics/KPIs and reporting materials.
• This role will report to the EIS ESF Manager.
• Evaluate the design and operation effectiveness of Business/IT operations against the HITRUST CSF and identify areas of improvement
• Interview SMEs, examine evidence documentation, analyse and perform testing
• Learn the company functions/processes by conducting process walk throughs
• Analyse root cause of issues, provide recommendations for process improvements and risk mitigation based on assessment findings
• Collaborate with cross-functional teams to mitigate risks and ensure compliance with HITRUST CSF
• Deliver effective and concise documentation that meets HITRUST quality standards
• Prepare and provide reporting such as dashboards and metrics, on various areas of performance, issue analysis and assessment statuses
• Utilize GRC tools to effectively manage assessment remediation plans and documentation
• Serve as a HITRUST subject matter expert
• Participate and provide support during audits, assessments, or other required third-party reviews.
• Support initiatives/projects
• Build relationships internally to foster a culture of teamwork and collaboration

Top 3 Required Skills/Experience –

• At least 3-5 years of work experience in IT compliance, IT Assessments and/or IT audit experience as well as knowledge and understanding of governance, risk, compliance
• Knowledge of security and risk frameworks, standards, best practices (e.g., HITRUST CSF, NIST CSF, ISO/IEC 27001, COBIT)
• Self-starter with effective written and verbal communication skills along with strong critical thinking skill

Required Skills/Experience – The rest of the required skills/experience. Include:

• Effective written and verbal communication skills and the ability to tailor communication style to the audience at hand
• Experience in coordination and execution of the audit lifecycle, including evidence collection, review, observation tracking, management response collection and auditor relations and communication.
• Strong demonstration of problem-solving and decision-making ability.
• Experience working on testing of IT controls across systems, databases, applications and operating systems.
• Strong ability to frame and deliver messages based on experience and level of the listener.
• Strong critical thinking skills to actively pursue opportunities to develop and implement solutions to solve work problems.
• Must be able to solve problems, handle conflict, and make effective decisions under pressure with a highly professional demeanor.
• Strong organizational skills
• Strong ability to adjust to changing priorities while multitasking effectively.
• Self-directed and works with minimal guidance. Proactively seeks guidance when needed.

Education/Certifications – Include:

• Undergraduate university degree (4-year) preferred but not required.
• Masters (e.g., MBA, MSIS, MIS, etc.) degree preferred but not required.
• Five (5) years of combined IT experience to include two (2) years IT security work
• Experience in Information Security, IT general controls, IT compliance, IT assessments and/or IT audit experience.
• Certified Information Systems Security Professional (CISSP), CISA, CPA/CA, CISM or other equivalent professional certification preferred but not required.

TekWissen® Group is an equal opportunity employer supporting workforce diversity.