MultiPlan IT Governance, Risk & Compliance (GRC) Analyst in New York, New York
IT Governance, Risk & Compliance (GRC) Analyst
Imagine a workplace that encourages you to interpret, innovate and inspire. Our employees do just that by helping healthcare payers manage the cost of care, improve competitiveness and inspire positive change. You can be part of an established company with a 40-year legacy that helps our customers thrive by interpreting our client's needs and tailoring innovative healthcare cost management solutions.
Our commitment to diversity, inclusion and belonging are part of the fabric of our company. We strive to create a workplace that fosters mutual respect and collaboration, where every talented individual can participate and perform their best work. We are MultiPlan and we are where bright people come to shine!
We are currently seeking an experienced IT Governance, Risk & Compliance Analyst to work in either our New York City or Naperville, IL office. We offer competitive compensation and fantastic benefits, as well as a collegial workplace in a business-casual dress environment. You'll also find plenty of options for professional development and advancement with us. If this sounds like the kind of career move you've been wanting to make, and if you meet our qualifications, we want to talk with you!
Please note: our offices are currently closed due to the pandemic and our employees are working from home. Once our offices reopen, this position will transition to working in either our NYC office or Naperville, IL office.
As an IT Governance, Risk & Compliance Analyst, you will play a key technical role in the maintenance, configuration and support of the organization's Governance, Risk and Compliance (GRC) system. You will regularly support the education, establishment, and maintenance of GRC tables/workflows and aid in the coordination of audit and regulatory compliance projects. Additionally, you will assist in maintaining risk management processes (i.e., open risks, risk register, corrective action plans) that govern the information security program. The role will also require you to play an integral role in the development and maintenance of the organization's third-party program to meet security goals while remaining aligned with client and regulatory requirements.
Your specific duties in this role will include:
1.Support company's GRC platform in various capacities, including but not limited to:
*Create/modify/remove system tables
*Add/remove/modify Users, Security Roles, Groups and process requests for access
*Organize and schedule training sessions (Overview Training, New Advance User Training, Working Sessions)
*Troubleshoot and Triage User Issues via email, telephone, messaging and ticketing system
*Executive Report Generation
*Create Reports as requested by users and leadership team
*Maintenance of the GRC system including upgrades, patches and troubleshooting
2. Administer and provide regular application and system support for GRC
3. Analyst existing processes to identify inefficiency and opportunities for improvement
4. Process change requests for modifications to the application configuration.
5. Manage projects to build new functionality, workflows, processes, and/or reporting in the application including requirements gathering, configuration, testing, deployment and user training
6. Develop and maintain all user documentation related to GRC, including user guides and system baselines
7. Participate in the development and maintenance of relationships with various business functions including internal audit and third party auditors.
8. Assist in internal and external audits and reviews of assigned business processes to evaluate adequacy of controls within IT and make recommendations for corrections of weaknesses, and improvements in IT operations.
9. Assist in risk analysis and management program by managing open risks, accepted risks (i.e., risk register) and corrective action plans (i.e., plan of actions and milestones: POAM)
10. Identify opportunities for strengthening IT security throughout the company.
11. Collaborate, coordinate and communicate across disciplines and departments
12. Ensure compliance with HIPAA regulations and requirements.
13. Demonstrate Company's Core Competencies and values held within.
14. The position responsibilities outlined above are in no way to be construed as all encompassing. Other duties, responsibilities, and qualifications may be required and/or assigned as necessary.
As an IT Governance, Risk & Compliance Analyst, you must be highly organized and detail-oriented, with strong analytical, problem solving, and prioritization skills. You should also be able to handle multiple tasks in a fast-paced, deadline-driven environment, both independently and as part of a team. It is also important that you display excellent verbal and written communication and interpersonal skills, as well as the ability to effectively present information and respond to questions from groups of managers and clients.
Specific qualifications for the role include:
* Minimum Bachelor's degree in Information Technology or a related field coupled with one (1) year of experience as a general information technology technician inclusive of experience in the administration of internal controls compliance and/or information security administration as well as experience working with GRC systems.
* Knowledge of security frameworks such as NIST, HIPAA, HITRUST or ISO is a plus
* Knowledge of MS Access or similar tools
* Familiarity with dashboard creation (i.e., MS Excel or similar tools)
* Strong MS Excel skills for data analysis and manipulation
* Basic programming skills (i.e., databases, API creation)
* Communication (written, verbal and listening), project management, problem solving, trouble-shooting, organizational, goal setting, and time management skills
* Ability to present to a small to midsize audiences
* Ability to use software, hardware, and peripherals related to job responsibilities, including MS Office
* Ability to maximize the use of the available technology, welcome new technology, and stay abreast of the latest technologies
* Ability to maintain confidentiality of information
* Ability to work independently as well within a team and with client users
* Ability to organize, prioritize, and coordinate multiple work activities and meet target deadlines
* Ability to be flexible when there are schedule or priority changes and last minute requests
* Ability to travel as needed to Company locations and third party locations within the US
* Individual in this position must be able to work in a standard office environment which requires sitting and viewing monitor(s) for extended periods of time, operating standard office equipment such as, but not limited to, a keyboard, copier and telephone
We realize that our employees are instrumental to our success, and we reward them accordingly with very competitive compensation and benefits packages, an incentive bonus program, as well as recognition and awards programs. Our work environment is friendly and supportive, and we offer flexible schedules whenever possible, as well as a wide range of live and web-based professional development and educational programs to prepare you for advancement opportunities.
Your benefits will include:
Medical, dental, and vision coverage (low copay & deductible)
Short- and long-term disability
401(k) + match
Generous Paid Time Off
Paid company holidays
Flexible Spending Account
Employee Assistance Program
MultiPlan is an Equal Opportunity Employerand complies with all applicable laws and regulations. Qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability or protected veteran status. If you'd like more information on your EEO rights under the law, please.
As an Equal Opportunity Employer, the Company will provide equal consideration to all employees and job candidates without regard to sex, age, race, marital status, sexual orientation, religion, national origin, citizenship status, physical or mental disability, political affiliation, service in the Armed Forces of the United States, or any other characteristic protected by federal, state, or local law. Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled