Are you experienced in governance, risk and compliance? If so, keep reading!

ExamWorks is seeking a new team member in the role of InfoSec GRC Analyst! This person will handle all things Governance, Risk and Compliance from a 100% remote capacity.

Provide support and contribute to the ExamWorks InfoSec GRC programs such as: Risk Management, Third Party/Vendor Management, Vulnerability/Threat Management, Compliance Management, RFP/SAQ Process Management and others
• Collaborate with different departments in the analysis, response, and document packages of RFPs and security questionnaires as required by clients of EW business units
• Assess and monitor security processes and controls to assure compliance with applicable security frameworks, regulatory, and client requirements as well as promote good information security practices
• Generates reports on assessment findings and summarizes them to facilitate remediation tasks for other IT operational teams
• Conduct formal risk analysis and self-assessments program for various ExamWorks brands and the associated information services systems, processes, and infrastructure
• Facilitate HITRUST, SOC2 audit engagement, data/artifact collection, exception remediation and monitoring
• Key contributor to the design, implementation, and optimization the GRC application or solutions
• Facilitate HITRUST, SOC2 audit engagement, data/artifact collection, exception remediation and monitoring
• Contributes to maintenance and update of library of information security control standards and procedures based on Information Security policies and procedures and industry best practices
• Maintain awareness of changes or updates on security control frameworks, compliance laws and statute and identify the impact to the business and its security posture
• Compiles management reports, summary analysis, and detailed presentations to describe risk, controls, and maturity assessments
• Facilitate information security awareness programs and facilitate periodic awareness training, phishing campaigns, security newsletters and publications
• Conduct or participate in the cross training sessions with the IT Security team in the management and configuration of security tools and technical controls
• Troubleshooting and resolving security related GRC and technical issues effectively and efficiently
• Prioritizing, evaluating, resolving and escalating calls or tasks as required
• Providing appropriately detailed and timely follow-up support with customers (internal and external)
• Providing updates, status, and completion information to the InfoSec Manager - GRC through voice mail, e-mail, or in-person communication

• College Degree in Computer Science or related field required
• Minimum of 2 years in IT security, risk management, compliance, and audit required
• Must be familiar with Governance Risk and Compliance(GRC) solutions and technology platforms.
• Practical knowledge and experience with compliance and security framework standards such as SOX, PCI, SOC, NIST, ISO 27001, HITRUST, HIPAA and HITECH required
• General knowledge of security tools, solutions, and appliances in support of security domains such as: network security, e-Mail and end-point security, vulnerability scans, access controls, and log management etc.
• Basic technical understanding of cloud services principles such as IAAS, SAAS, and PAAS.
• Capable of articulating general IT security policies, processes, and technical controls
• CISA, CRISC, or other privacy certifications preferred but not required

• Applicant must be willing to travel 5% of the time
• Applicant must be able to travel outside the US occassionally
• Ability to work independently with or without direction and/or supervision
• Ability to effectively interface with a broad range of people and roles
• Advanced computer troubleshooting, analysis, critical thinking and problem solving skills
• Ability to manage multiple tasks with frequent interruptions, occasionally in urgent situations
• Demonstrate accuracy and thoroughness. Looks for ways to improve and promote quality and monitors own work to ensure quality is met
• Ability to learn multiple programs and systems
• Maintain medical confidentiality
• Demonstrate team behavior and must be willing to promote a team-oriented environment

ABOUT US:

ExamWorks is a leading provider of innovative healthcare services including independent medical examinations, peer reviews, bill reviews, Medicare compliance, case management, record retrieval, document management and related services. Our clients include property and casualty insurance carriers, law firms, third-party claim administrators and government agencies that use independent services to confirm the veracity of claims by sick or injured individuals under automotive, disability, liability and workers' compensation insurance coverages.

ExamWorks, LLC is an Equal Opportunity Employer and affords equal opportunity to all qualified applicants for all positions without regard to protected veteran status, qualified individuals with disabilities and all individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age or any other status protected under local, state or federal laws.

Equal Opportunity Employer - Minorities/Females/Disabled/Veterans