About This Role
The Senior IT Compliance Analyst will operate at multiple levels within the organization leading and participating in IT compliance projects, risk assessments, SOX, NIST and HIPAA compliance, and IT policy management. In addition, the Senior IT Compliance Analyst will work with IT and business groups to identify and recommend solutions on IT Compliance related issues and provide expertise surrounding a broad range of compliance duties. We operate in a highly regulated environment (SOX, NIST, HIPAA, SOC 2, GDPR, ISO, FDA, The Joint Commission) and the IT Compliance Analyst must have a working knowledge in these regulations.
Specific job responsibilities include:
- Actively identify and respond to IT compliance issues and incidents related to systems and workflow to ensure internal compliance controls are appropriate and operating as intended within the organization.
- Evangelize compliance initiatives and engage with operations and development teams to ensure adherence to policy guidelines and compliance standards.
- Assist leading coordination and remediation efforts for compliance activities related to IT SOX compliance annual SOC 2 and SOC 3, HIPAA, NIST, and other compliance assessments.
- Maintain IT policies and procedures and lead annual update efforts.
- Conduct Proof of Concepts for solutions and technologies required for IT Compliance.
- Collaborate with various teams for IT Compliance activities, as required.
- Play a key role the development and ongoing delivery of IT compliance and HIPAA awareness training.
- Coordinate execution of annual incident response and disaster recovery table-top walkthroughs and update processes and associated documentation.
- The successful candidate will lead cross organizationally through influence and help shape operating processes with value-add recommendations and regulatory guidance.
About you:
- At least 8 years of IT SOX, NIST 800-53 and HIPAA experience preferably in a healthcare related industry and public company environment; with at least five (5) years of experience with security operations and risk assessment preferred.
- Experience performing regular User Access Reviews (UAR).
- Proven history of success partnering with IT control owners to implement new compliance frameworks (such as NIST 800-53, ISO, or SOC2)
- Experience with operation of Identity Access Management (IAM) and Data Loss Prevention (DLP) solutions such as Okta, Sailpoint, and FairWarning.
- Working knowledge of HIPAA/HITECH, GDPR, ISO, NIST 800-53, SOX and other compliance regulations.
- Ability to think strategically about compliance risks and tie those to organizational priorities.
- Capable of building a network of relationships across organizational functions and to liaise with senior management.
- Excellent written and verbal communication skills; experience developing and delivering presentations and reports.
- Relevant professional certifications such as Certified Information Systems Auditor (CISA), Certified Information System Professional (CISSP)
- Bachelor’s degree in Computer Science, Information Security, or related field required
What's In It For You
This is a regular full-time position with competitive compensation package, excellent benefits including medical, dental, and vision insurances (all of which start on your first day), health savings account employer contributions (when enrolled in high deductible medical plan), cafeteria plan pre-taxed benefits (FSA, dependent care FSA, commute reimbursement accounts), travel reimbursement for medical care, noncontributory basic life insurance & short/ long term disability. Additionally, we offer:
- emotional health support for you and your loved ones
- legal / financial / identity theft/ pet and child referral assistance
- paid parental leave, paid holidays, travel assistance for personal trips and PTO!
iRhythm also provides additional benefits including 401(k) (with company match), an Employee Stock Purchase Plan, pet insurance discount, unlimited amount of Linked In Learning classes and so much more!
FLSA Status: Exempt
#LI-SB-1
#LI-Remote
