search
Home > St. Cloud jobs > St. Cloud computer/technical

Posted: Monday, August 28, 2017 8:54 AM

# Job Description The IT Secruity/Compliance Analyst is responsible for: * Coordinating the creation, collection and maintains revisions of all security & compliance documentation related to the Information Technology operations of the enterprise healthcare and education vertical. * Auditing the internal department's compliance by monitoring IT daily operations, testing & evaluating systems & controls for conformity with industry & enterprise defined standards. * Assisting with client security audits and coordinate IT vendor audits for security and compliance. * The candidate audits information systems, platforms, and operating procedures in accordance with established corporate standards for efficiency, accuracy and security. * Reviewing contracts and RFP's for IT requirements; documents requirements and complies required documents to stakeholder **Duties:** * Formulate and update required policy, process and procedure documentation under direction * Make recommendations for enhancing IT securitycompliance standards within the department and identifying conflicts between client requirements, HIPAA, HITRUST, PCI, etc. * and the standards as they exist * Research emerging industry standards * Coordinate communication of reported securitycompliance incidents * Perform internal securitycompliance audits, risk assessments and analysis * Perform vendor and sub-contractor securitycompliance audits verifying conformity to BAA documents * Analyze performance, identifying areas of concern and formulating action plans * IT liaison for gathering required documents and information for client requested audits & RFP's * Manage security audits responding to client auditors questions & requests for documents * Manage vulnerability and threat assessments, analyzing and directing responses to network or system intrusions * Ensuring fulfillment of legal and contractual information security and privacy mandates, including providing executive management with compliance reports and audit findings * Create and maintain business process documentation Function as a data management leader, driving the continual improvement plans for all business units * Evaluates IT infrastructure in terms of risk to the organization and establishes controls to mitigate loss. * Determines and recommends improvements in current risk management controls and implementation of system changes or upgrades. * Maintain the company's Business Continuity and Disaster Recovery Plans. # Job Requirements **Skills/Qualifications:** * Knowledge of PCI, HITRUST & HIPAA standards * Knowledge of NIST 800-53 Rev4 & FISMA controls * Knowledge of an enterprise networking environment and security best practices * Knowledge of dataflow in both web application and client/server application environments * Knowledge of enterprise network environments; including firewalls, switching & routing * Knowledge of distributed processing operations, procedures, and equipment * Knowledge of telephony systems and operations preferred * Multi-level security knowledge, including servers, workstations, storage, applications, and operating systems * Ability to process information logically and solve problems. * Ability to work flexible hours as required to assist in implementation of security/compliance initiatives and available to manage incident response * Ability to monitor and identify security related issues. * Ability to communicate effectively verbally and in writing. * Proficient in MS Word, Excel, Visio and PowerPoint * Ability to present information, audit findings and risks to upper management * Ability to establish and maintain effective working relationships with others. * Ability to plan, organize and coordinate work assignments **Additionally: ** * Possesses positive and professional outlook, personal integrity, problem solving ability and ability to handle stress * Ability to maintain effective working relationships with those contacted in the course of daily work effort. * Ability to manage time, communicate clearly and concisely, document and maintain organization of work * Maintain a customer focus in providing technology services to the Business User community * Normally receives minimal instructions on non-routine work assignments and only general instructions on new or more complex assignments. Decisions are made independently. * Active in the information security community by attending user group meetings and security/compliance conferences as directed **Work Conditions**: * Typical office environment; * Infrequently lifting and carrying items up to 40 lbs. * Infrequently twisting or bending at the waist or reaching overhead * Infrequently traveling between buildings on campus or to other campuses * Frequently listening to and talking with Business Users , Vendors, and Support organizations either in person or by telephone * Frequently sitting at a desk or workstation using a computer display, keyboard, and mouse; * Minor exposure to electrical hazards **_Disclaimer: _** *This position description is not intended, and should not be construed, to be an exhaustive list of all responsibilities, skills, efforts or working conditions associated with the job. It is intended to be an accurate reflection of those principle job elements essential to the job.* *Alltran does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, physical or mental disability, marital status, genetic information, or any other characteristic protected by federal, state, or local law, ordinance, or regulation.* *Employee Type:* Full-Time *Location:* Sartell, MN *Job Type:* Information Technology *Experience:* Not Specified *Date Posted:* 8/22/2017

Source: http://www.juju.com/jad/00000000bz0rgp?partnerid=af0e5911314cbc501beebaca7889739d&exported=True&hosted_timestamp=0042a345f27ac5dcfef628176473eb4fd5aa221d038d5386d91c6dee9b6a0c86


• Location: Sartell, St. Cloud

• Post ID: 25001718 stcloud
stcloud.backpage.com is an interactive computer service that enables access by multiple users and should not be treated as the publisher or speaker of any information provided by another information content provider. © 2017 backpage.com