The #1 Site for IT and Engineering Jobs - search all IT and Engineering  jobs.
Idh3hc6fvyntw594999

IT Risk Management & Compliance Analyst

Job Description

IT Risk Management & Compliance Analyst

Imagine a workplace that encourages you to interpret, innovate and inspire. Our employees do just that by helping healthcare payers manage the cost of care, improve competitiveness and inspire positive change. You can be part of an established company with a 40-year legacy that helps our customers thrive by interpreting our client's needs and tailoring innovative healthcare cost management solutions.

Our commitment to diversity, inclusion and belonging are part of the fabric of our company.  We strive to create a workplace that fosters mutual respect and collaboration, where every talented individual can participate and perform their best work.  We are MultiPlan and we are where bright people come to shine! 

Please note: our offices are currently closed due to the pandemic and our employees are working from home. Once our offices reopen, this position will transition to working in either our NYC, Naperville, IL, Arlington, TX, Bedford, MA or Rockville, MD office. 



JOB DESCRIPTION

This role is a critical position within the team, and has risk and compliance responsibilities from a technology and cyber security perspective across the IT organization. Working closely with Internal Audit and IT stakeholders across the organization, this position will be responsible for operating and enhancing the audit and assessment portfolio of efforts to streamline evidence collection in support of HITRUST, SOX, SOC and HIPAA.

Your job duties will include the following:

1.    Support MultiPlan’s IT Risk Management Program

2.    Develop and maintain a centralized evidence repository system in support of various audits and assessments that, at the minimum:

       a.    Includes commonly asked security questions and answers

       b.    Provides search functionality

       c.    Maps to existing audit and assessment frameworks (NIST, HITRUST, HIPAA, SOC, SOX)

       d.    Includes evidence in support of audits and assessments

       e.    Provides ability to automate evidence collection and updates

3.   Act as primary administrator of the centralized repository system

4.   Manage projects to build new functionality, processes, and/or reporting in the centralized repository system, including requirements gathering, configuration, testing, deployment and user training.

5.   Develop and maintain all user documentation related to system, including user guides and system baselines.

6.   Obtain and review evidence ensuring response to audits and assessments are well-documented.

7.    Support client security requests (i.e. questionnaires)

8.   Assist in audits and reviews of assigned business processes to evaluate adequacy of controls within IT, on findings and make recommendations for corrections of weaknesses, and improvements in operations. 

9.   Develop and implement IT audit programs and testing procedures and processes relevant to risk/compliance and test objectives across IT departments.

10.  Utilize audit findings to make appropriate recommendations for the correction of weaknesses within processes and procedures that support the continual improvement in operational procedures.

11.   Provide guidance to IT subject matter experts on audit and assessment requests

12.  Analyze existing processes to identify inefficiencies and opportunities for improvement.

13.  Identify, collaborate, coordinate and communicate opportunities for strengthening IT security throughout the company.

14.  Collaborate, coordinate and communicate across disciplines and departments, design, develop and implement security controls and policies.

15.  Ensure compliance with HITRUST, SOX, SOC, HIPAA regulations and requirements.

16.  Demonstrate Company’s Core Competencies and values held within.

17.   The position responsibilities outlined above are in no way to be construed as all-encompassing.  Other duties, responsibilities and qualifications may be required and/or assigned as necessary.

18.  This role does not require access to PHI



Job Requirements

 

Job Snapshot

Location US-IL-Naperville
Employment Type Full-Time
Pay Type Year
Pay Rate N/A
Store Type IT & Technical
Apply

Company Overview

MultiPlan

At MultiPlan, we know that our employees are instrumental to our success and we reward them accordingly. We offer a very competitive compensation and benefits package, an incentive bonus program, service recognition awards and an employee recognition program that honors individuals whose achievements go above and beyond even our high expectations. We invite you to search our listing of current Career Opportunities. One of our top priorities is the career development of our employees. Learn More

Contact Information

US-IL-Naperville
Snapshot
MultiPlan
Company:
US-IL-Naperville
Location:
Full-Time
Employment Type:
Year
Pay Type:
N/A
Pay Rate:
IT & Technical
Store Type:

Job Description

IT Risk Management & Compliance Analyst

Imagine a workplace that encourages you to interpret, innovate and inspire. Our employees do just that by helping healthcare payers manage the cost of care, improve competitiveness and inspire positive change. You can be part of an established company with a 40-year legacy that helps our customers thrive by interpreting our client's needs and tailoring innovative healthcare cost management solutions.

Our commitment to diversity, inclusion and belonging are part of the fabric of our company.  We strive to create a workplace that fosters mutual respect and collaboration, where every talented individual can participate and perform their best work.  We are MultiPlan and we are where bright people come to shine! 

Please note: our offices are currently closed due to the pandemic and our employees are working from home. Once our offices reopen, this position will transition to working in either our NYC, Naperville, IL, Arlington, TX, Bedford, MA or Rockville, MD office. 



JOB DESCRIPTION

This role is a critical position within the team, and has risk and compliance responsibilities from a technology and cyber security perspective across the IT organization. Working closely with Internal Audit and IT stakeholders across the organization, this position will be responsible for operating and enhancing the audit and assessment portfolio of efforts to streamline evidence collection in support of HITRUST, SOX, SOC and HIPAA.

Your job duties will include the following:

1.    Support MultiPlan’s IT Risk Management Program

2.    Develop and maintain a centralized evidence repository system in support of various audits and assessments that, at the minimum:

       a.    Includes commonly asked security questions and answers

       b.    Provides search functionality

       c.    Maps to existing audit and assessment frameworks (NIST, HITRUST, HIPAA, SOC, SOX)

       d.    Includes evidence in support of audits and assessments

       e.    Provides ability to automate evidence collection and updates

3.   Act as primary administrator of the centralized repository system

4.   Manage projects to build new functionality, processes, and/or reporting in the centralized repository system, including requirements gathering, configuration, testing, deployment and user training.

5.   Develop and maintain all user documentation related to system, including user guides and system baselines.

6.   Obtain and review evidence ensuring response to audits and assessments are well-documented.

7.    Support client security requests (i.e. questionnaires)

8.   Assist in audits and reviews of assigned business processes to evaluate adequacy of controls within IT, on findings and make recommendations for corrections of weaknesses, and improvements in operations. 

9.   Develop and implement IT audit programs and testing procedures and processes relevant to risk/compliance and test objectives across IT departments.

10.  Utilize audit findings to make appropriate recommendations for the correction of weaknesses within processes and procedures that support the continual improvement in operational procedures.

11.   Provide guidance to IT subject matter experts on audit and assessment requests

12.  Analyze existing processes to identify inefficiencies and opportunities for improvement.

13.  Identify, collaborate, coordinate and communicate opportunities for strengthening IT security throughout the company.

14.  Collaborate, coordinate and communicate across disciplines and departments, design, develop and implement security controls and policies.

15.  Ensure compliance with HITRUST, SOX, SOC, HIPAA regulations and requirements.

16.  Demonstrate Company’s Core Competencies and values held within.

17.   The position responsibilities outlined above are in no way to be construed as all-encompassing.  Other duties, responsibilities and qualifications may be required and/or assigned as necessary.

18.  This role does not require access to PHI



Job Requirements

 
Mrt3c768phnp0gk12d2
Sologig Advice

For your privacy and protection, when applying to a job online: Never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction.Learn More

By applying to a job using sologig.com you are agreeing to comply with and be subject to the workinretail.com Terms and Conditions for use of our website. To use our website, you must agree with theTerms & Conditionsand both meet and comply with their provisions.
IT Risk Management & Compliance Analyst Apply now