Governance Risk & Compliance Analyst

Job Summary

Governance Risk & Compliance Analyst - Baptist Jacksonville

This role involves engaging and communicating with operational staff, managers, corporate control groups, and third-party vendors to assess and document vendor usage throughout the vendor lifecycle. Key responsibilities include identifying potential risks associated with the vendor’s products or services, addressing and remediating any concerns, and determining both inherent and residual risks. The role also requires conducting due diligence in accordance with the Vendor Risk Management (VRM) Policy, ensuring compliance with regulatory requirements. The position involves maintaining vendor risk assessments within the Censinet application that maintains detailed records of risk profiles and actions taken to mitigate identified risks.

Governance Risk & Compliance Analyst responsibilities:

• Evaluates, tests, recommends, coordinates, monitors and maintains information systems (IS) and cyber security policies, procedures and systems, including access management for hardware, firmware and software.
• Ensures that IS and cyber security plans, controls, processes, standards, policies and procedures are aligned with IS standards and overall IS and cyber security.
• Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security.
• Develops techniques and procedures for conducting IS and cyber security risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks.
• Requires working knowledge and experience in own job discipline. Works to broaden own capabilities by continuing to build knowledge of the organization, processes and customers. Performs a range of assignments using guidelines or policies.
• Analyzes and solves straightforward problems as they occur but typically requires guidance on complex or unusual problems. Receives a moderate level of guidance and direction from more experienced team members.
• Supports the security compliance program, ensuring the identification, tracking, prioritization, and remediation of all internal and external compliance requirements; also supports Internal Audit activities and remediation requirements.
• Ensures adequate and effective IT controls exist to meet applicable current and future security compliance requirements found in laws, regulations, frameworks such as requirements to comply with HIPAA, NIST CSF, PCI, SOC II, 

If you are interested in this Governance Risk & Compliance Analyst role, please apply now or contact andrew.foran@bmcjax.com.

Education Required

Bachelor's Degree or Equivalent Experience

Education Preferred

Bachelor's Degree

Experience

• Minimum 2 years of related experience Required
• Proven information security audit experience
• Experience with vulnerability management
• Experience with third-party risk management and enterprise risk assessments
• Experience with security awareness and training functions and tools
• Proven analytical, strategic vision drawing on strong problem-solving abilities.
• Able to prioritize and execute tasks in a high-pressure environment.
• Experince with HIPAA, NIST, CSF, PCI, SOC II

License and Certification

• Check Point Certified Security Administrator (CCSA) Preferred Or
• Cisco Certified Network Associate Preferred Or
• Microsoft Certified Systems Engineer (MCSE) Preferred Or
• Cisco Certified Security Professional (CCSP) Preferred Or
• Cisco Certified Network Professional (CCNP) Preferred Or
• Certified in Risk and Information Systems Control® (CRISC®) certification, Preferred Or
• Certified Cybersecurity Operations Analyst™ (CCOA™) certification, Preferred Or
• Governance of Enterprise IT® (CGEIT®) certification, Preferred Or
• Certified in Governance, Risk and Compliance (CGRC), Preferred Or
• Certified CMMC Professional (CCP) Preferred

Location

Location Overview

Baptist Health, founded in 1955, is North Florida’s most comprehensive health care system and the area’s only non-profit, mission-driven, locally governed health care provider. Baptist Health has over 200 points of care throughout the Northeast Florida region, including our six award-winning hospitals: Baptist Medical Center Jacksonville, Wolfson Children’s Hospital, Baptist Medical Center Beaches, Baptist Medical Center Clay, Baptist Medical Center Nassau and Baptist Medical Center South. The most preferred health care system in the region, Baptist Health also includes 57 primary care offices, as well as home health, behavioral health, pastoral care, rehabilitation services, occupational health and urgent care.