ESR Healthcare

Info Risk Security USA

ESR Healthcare, California, Missouri, United States, 65018



Experience Level:

Mid-senior

Experience Required:

5 Years

Education Level:

Bachelor’s degree

Job Function:

Information Technology

Industry:

Financial Services


Total Position:

1

Relocation Assistance:

No

JOB DESCRIPTION:

The purpose of this Information Security Risk Senior Specialist role is to support the Information Security Risk and Compliance function, focusing on Federal and State Government Public Sector clients.

The candidate will assist in the Information Security Risk Management process by reviewing, documenting, organizing, monitoring, tracking, and reporting on information security risks to address compliance and regulatory requirements while aligning with and supporting Mercer’s risk posture.

This role reports to the Information Security Risk and Compliance Leader.

RESPONSIBILITIES

Provide relevant technical and information security expertise and assistance with the completion of client requests for proposals (RFPs), questions, questionnaires, contract reviews, and audits.

Provide insight and advice to key stakeholders to effectively manage information and cyber security risks across Mercer’s technology platforms.

Support Federal and State Government information and cyber security client engagement work.

Work with Legal Staff to review information security-related documents and contracts to determine information security risks, communicate potential issues, propose mitigation options, and shepherd contracts to completion.

Assist with information security-related compliance activities for CCPA, NYDFS, PCI-DSS, and other regulatory and standard requirements.

Serve as the information security liaison in support of Mercer Federal and State Government business teams and Mercer IT to review and provide security recommendations during development, design, and implementation of applications in compliance with NIST controls.

Map company security policies and procedures to industry standards and regulatory requirements.

Assist with data collection and creation of a System Security Plan.

Participate in global-level engagements on regulatory compliance hosted by Federal, State, and private entities.

Assist with creating proposed solutions for sophisticated security and compliance issues.

QUALIFICATIONS:

A Bachelor’s degree or equivalent work experience in information security, accountancy, audit, information systems, or other related field of study.

Two or more years of work experience in IT audit, IT security, or IT risk management work.

Basic understanding of risk concepts, including risk identification, evaluation, mitigation, and measurement.

Familiarity with GDPR, PCI-DSS, HIPAA/HITECH, NIST, NYDFS, and other relevant information and cyber security and data protection regulations and standards.

Strong communication, organizational, interpersonal, and collaborative skills.

Proficient knowledge of Microsoft Office products including Excel, Word, and PowerPoint.

Capable of handling a variety of ad-hoc requirements.

Strong problem-solving skills with the ability to develop technical solutions to address security risks posed by Federal and State client work.

Experience in a service-oriented organization serving many stakeholders.

Detail-oriented and excels in a fast-paced dynamic environment.

Working knowledge of Federal and State compliance standards, regulations, and laws (e.g., IRS Pub 1075, CMS MARS-E 2.2, CJIS, Social Security Administration, FCC, NACHA).

Subject matter expert for regulatory compliance requirements necessary to safeguard data that supports the essential functions of Federal and State Government.

ADDITIONAL QUALIFICATIONS:

Experience with Federal and State Government contracts, PCI-DSS, and ISO 27001 assessments is a plus.

Security Certifications such as CISSP, CISA, CISM, CRISC, PCI-DSS ISA, or QSA.

Experience working with Federal and State government entities as part of a large IT enterprise.

Strong interpersonal and communication skills.

Strong analytical skills and experience working in a complex environment.

Proven experience as a strong cross-group collaborator and team player.

ABOUT:

A company that believes in building brighter futures by redefining the world of work, reshaping retirement and investment outcomes, and unlocking real health and well-being. More than 25,000 employees are based in 44 countries, and the firm operates in over 130 countries. This is a business of the world’s leading professional services firm in the areas of risk, strategy, and people, with 76,000 colleagues and annual revenue of $17 billion. Through its market-leading businesses, it helps clients navigate an increasingly dynamic and complex environment.
