InterSystems
Risk Assurance Analyst
InterSystems, Boston, MA
As a Risk Assurance Analyst, you will be part of our Global Trust department that covers information security, privacy, and product security risks and certification and will report to the InterSystems Data Protection Officer. You will collaborate with members of the Clinical Risk, Clinical Safety, and Compliance teams to provide risk management and assurance support across InterSystems products, services, and operations.
The Risk Assurance Analyst responsibilities will include:
Required Qualifications:
Preferred Qualifications:
We are an equal-opportunity employer and do not discriminate because of race, color, religion, sex, national origin, ancestry, marital status, veteran status, age, disability, sexual orientation or gender identity or expression or any other legally protected category. InterSystems is an E-Verify Employer in the United States.
About InterSystems
Established in 1978, InterSystems provides innovative data solutions for organizations with critical information needs in the healthcare, finance, and logistics sectors and beyond. Our cloud-first data platforms solve interoperability, speed, and scalability problems for organizations around the globe. InterSystems also develops and supports data management in hospitals through the world's most proven electronic medical record, as well as unified care records for health systems and governments through a powerful suite of healthcare data integration solutions. The company is committed to excellence through its award-winning, 24×7 support for customers and partners in more than 80 countries. Privately held and headquartered in Cambridge, Massachusetts, InterSystems has 25 offices worldwide. For more information, please visit InterSystems.com.
The Risk Assurance Analyst responsibilities will include:
- Risk reporting and technology risks, processes, and controls.
- Investigation of internal control incidents or control failures, including data breach incidents
- Current and emerging technologies which may include cloud services (SaaS, PaaS, IaaS), web development tools, virtualization, UNIX, Linux, Windows, and networking and security technologies.
- ISO 27001/ISO 27002, SOC 2, HITRUST, NIST SP 800-53, CSTAR (CAIQ), ISO 27017/27018/27701, OWASP, SLSA, NIST CSF, and/or other leading business and IT control frameworks.
- Key domains of information technology general controls, including change management, access to programs and data, computer operations and systems development, cybersecurity and resiliency frameworks.
- Identifying key risks and controls, knowledge of privacy/security/risk management controls readiness, controls optimization, including the configuration of controls around security, privacy, business process and within IT environments.
- Investigating control failures including working with internal and external parties for evidence collection and evaluation, root cause determinations, and recommendation development for Plan of Action and Milestone corrective actions.
- Applying internal control principles and business/technical knowledge including information technology general controls and application controls; risk reporting concepts; working experience applying professional skepticism skills.
- Leading the adaption of work programs and practice aids, as well as perform assessments, using relevant tools to evaluate controls, security, SOD, and potential for optimization.
- Exhibiting project management skills, including developing project plans, resource budgets, and deliverables schedules.
- Creating a positive environment while meeting management expectations. This includes providing candid, meaningful feedback in a timely manner and keeping leadership informed of progress.
- Interacting with customers on solutions and reviewing projects on customer engagements (implementations).
Required Qualifications:
- 3-5+ years of auditing or risk management
- Bachelor's degree in one of the following: Accounting, Finance/Economics, Management, Information Systems, Computer Science, Business, Science, Technology, Engineering & Mathematics and/or other business field of study
Preferred Qualifications:
- Certifications such as CIPM, CISA, GSNA, CRMA, or CCSA
- Experience and knowledge around controls with risk reporting, compliance, and operational processes within an organization as an auditor or business process specialist, including business process and IT management control.
We are an equal-opportunity employer and do not discriminate because of race, color, religion, sex, national origin, ancestry, marital status, veteran status, age, disability, sexual orientation or gender identity or expression or any other legally protected category. InterSystems is an E-Verify Employer in the United States.
About InterSystems
Established in 1978, InterSystems provides innovative data solutions for organizations with critical information needs in the healthcare, finance, and logistics sectors and beyond. Our cloud-first data platforms solve interoperability, speed, and scalability problems for organizations around the globe. InterSystems also develops and supports data management in hospitals through the world's most proven electronic medical record, as well as unified care records for health systems and governments through a powerful suite of healthcare data integration solutions. The company is committed to excellence through its award-winning, 24×7 support for customers and partners in more than 80 countries. Privately held and headquartered in Cambridge, Massachusetts, InterSystems has 25 offices worldwide. For more information, please visit InterSystems.com.