IT Risk & Controls Analyst - Remote

Our work matters. We help people get the medicine they need to feel better and live well.  We do not lose sight of that. It fuels our passion and drives every decision we make.

Job Posting Title

Job Description

This is a remote role, however, the preferred candidate location is North Carolina

As a Risk & Controls Analyst your would be responsible for executing processes that ensure IT’s compliance with regulatory, industry and client security requirements. You would be responsible for working with cross-functional teams on the day to day operational activities needed to support the Security Governance Risk and Compliance program.

Responsibilities

• Update and publish organization wide security standards, policies and procedures
• Test and collect evidence that controls are designed and operating effectively, including evidence needed to verify compliance to security requirements to HITRUST, SOC 2, HIPAA, and client contracts
• Collect metrics to monitor risk and compliance status, assist in vendor and system security risk assessments, including drafting responses to client RFP and assessment requests
• Work with IT to coordinate audit testing and track audit remediation
• Other duties as assigned

Minimum Qualifications

• Bachelor’s degree in an analytical discipline such as Computer Science, Finance, or Sciences or related area of study, or equivalent combination of education and/or related work experience; HS diploma or GED is required
• 2 years experience in Information Security, Information Technology, Risk Management, Audit or Finance 
• Must be eligible to work in the United States without need for work visa or residency sponsorship

Additional Qualifications

• Ability to conduct meetings and give presentations
• Good analytical and critical thinking skills
• Ability to multi-task and manage multiple priorities
• Knowledge of Governance, Risk and Compliance area topics
• Basic understanding of regulatory and/or compliance requirements and frameworks (PCI, HIPAA, SOC1, SOC2, HITRUST, NIST, etc.)
• Basic working knowledge of security solutions and controls

Preferred Qualifications

• Experience producing metrics reporting, writing and presenting communications
• Experience in a regulated industry, health care preferred

Minimum Physical Job Requirements

• Ability to travel up to 5% of the time
• Constantly required to sit, use hands to handle or feel, talk and hear
• Frequently required to reach with hands and arms
• Occasionally required to stand, walk and stoop, kneel, and crouch
• Occasionally required to lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds
• Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and ability to adjust focus

Reporting Structure

• Reports to a Business Information Security Officer (BISO)

Prime Therapeutics LLC is an Equal Opportunity Employer. We encourage diverse candidates to apply and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), sexual orientation, gender identity or expression, genetic information, marital status, family status, national origin, age, disability, veteran status, or any other legally protected class under federal, state, or local law.

Positions will be posted for a minimum of five consecutive workdays.