Seeking a talented Sr. IT Analyst to support our security and compliance frameworks, with a focus on technology and application security vulnerabilities. The successful candidate will work closely with a Senior Manager on key security and identity management workstreams. This role involves solutioning, execution, and reporting aspects of these workstreams. Additionally, they will support other audit and compliance initiatives as needed, such as audit evidence gathering support. The ideal candidate should possess strong technical, interpersonal, and organizational skills.
Key Responsibilities:
o Collaborate with application, security, and infrastructure colleagues to remediate security vulnerabilities, complete periodic access reviews, address other security related initiatives and secure audit evidence for internal/external audit engagements.
o Work on solutioning, execution, and reporting for key security and identity management workstreams.
o Support audit and compliance initiatives, including audit evidence gathering.
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
HR@insightglobal.com. The EEOC "Know Your Rights" Poster is available
here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
- 5+ years of IT GRC analyst experience with a focus on risk and vulnerabilities.
- Strong reporting, documentation, and dashboard presentation experience, preferably with PowerBI.
- Experience with vulnerability identification tools such as Qualys for scanning servers, and Snyk for scanning code and production pipeline (Snyk experience highly preferred).
- Experience within a healthcare/health insurance organization highly preferred.
- Strong understanding of IT general controls, security and compliance frameworks, change management and basic knowledge of information security vulnerability types and best practices.
- Strong understanding of compliance/security/audit requirements and frameworks in relation to IP networking, desktop, servers, applications, and infrastructure.
- Experience with SOX/SOC1 and technical audits
- Strong technical acumen (working knowledge) and awareness.
- Ability to prepare technical documentation, flow charts, and Visio.
- Experience within a healthcare/health insurance organization highly preferred
- Experience with Archer (GRC solution)
- Experience with Qualys (cyber risk/security data platform)
- Exposure project application migrations to Sailpoint or similar IAM solutions
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.