GRC Analyst (Work Remotely Anywhere in the U.S.)

Since 1998, Businessolver has delivered market-changing benefits technology and services supported by an intrinsic responsiveness to client needs. The company creates client programs that maximize benefits program investment, minimize risk exposure, and engage employees with easy-to-use solutions and communication tools to assist them in making wise and cost-efficient benefits selections. Founded by HR professionals, Businessolver's unwavering service-oriented culture and secure SaaS platform provide measurable success in its mission to provide complete client delight.

As a GRC Analyst I, you will partner with internal and external teams to understand, interpret and analyze Governance, Risk, and Compliance domains to enable our business partners to understand, adopt and mature new policies, standards and procedures. Collaborating with our business partners, you will maintain the Risk Management Framework (RMF) and methodology by periodically reviewing the risk framework relative to emerging trends and threats, changes in the organizational landscape & risk management best practices, and adjust the framework and methodology, as necessary.

The Gig:

• Implement security program using industry standard frameworks that align to regulatory requirements and business objectives.
• Perform risk analysis for systems, processes, third-party tools/applications, and configurations.
• Improve security posture through process, policy, automation, and the continuous advancement of capabilities.
• Document business ownership and responsibilities of the controls using the company’s GRC tool.
• Schedule and perform regular assessments (internal and external) to test effectiveness of controls.
• Investigate (internal and external) information security risk and exceptions assessments.
• Develop and monitor security incident management program to ensure effectiveness.
• Assess incidents, vulnerability scans, patching status, secure baselines, and penetration test result.
• Document and reports control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities.
• Remain current on best practices and technological advancements and acts as the technical resource for security assessment and regulatory compliance.
  
  

What You Need to Make the Cut:

• Bachelor’s degree or equivalent work experience (Information Technology, Engineering, Cybersecurity, or a related technical field).
• CISM, CISA or CRISC certification(s) or equivalent preferred.
• Public cloud technical certifications preferred.
• ITIL foundations certification preferred.
• Experience testing or auditing technical controls.
• Creative problem solver and desire to learn.
• Strong oral and written communication skills.
• Experience working in an Agile environment preferred.
  
  

The pay range for this position is 53K to 67K per year (pay to be determined by the applicant’s education, experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data).

This role is eligible to participate in the annual bonus incentive plan.

Other Compensation: If this position is full-time or part-time benefit eligible, you will receive a comprehensive benefits package which can be viewed here: https://businessolver.foleon.com/bsc/job-board-businessolver-virtual-benefits-guide/

The Businessolver Way…

Our team has spent two decades crafting a culture that challenges each employee to perform at the top of their game – and have fun doing it! If you desire to use your skills and experience in an environment where you can make a difference, we want to hear from you!

Businessolver is committed to maintaining an environment that protects client data. We train our employees to maintain leading class security practices and expect all employees to adhere to policy, procedures and controls.

(Applicable to all roles at an AVP, DIR, VP, Head Of or SVP and above level):

Serve as a security contact for the business unit. Responsible for driving adoption and compliance with information security and privacy practices. Serve as a liaison with the information security team on security and privacy matters.

Equal Opportunity at Businessolver:

Businessolver is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.