Senior Cybersecurity Compliance Analyst, HITRUST SME
Full Time
Madison, WI 53719
Job description
Position Overview
At Exact Sciences, we are cancer fighters. We are united by our mission to change lives by providing earlier, smarter answers. Through advances in cancer detection and treatment guidance, we will help eradicate the disease and the suffering it causes. Exact Sciences’ CISO Office supports this mission by defending the millions of digital patient, practitioner, and employee lives within our environments. Defending today and securing tomorrow is no small feat. To help achieve this, the team is in search of a HITRUST subject matter expert to join our collaborative team comprised of passionate experts.
The Senior Cybersecurity Compliance Analyst is a newly created role within the CISO Office reporting to the Manager of CISO GRC Compliance. This role will be responsible for leading the HITRUST certification efforts for the enterprise as well as continuing the advancement of the compliance program. This is a multi-dimensional role, requiring extensive security and business integration experience with proven capability in both technical skills and cultural awareness to identify, decipher, monitor, and report cybersecurity risks across the organization.
This position is remote eligible.
Essential Duties
Include, but are not limited to, the following:
- Lead HITRUST certification initiatives for Exact Sciences.
- Drive education of compliance and controls methodology, to include the HITRUST CSF framework, to key business stakeholders.
- Assist with the continued advancement of the security & IT compliance program through continual controls environment evaluation, relative to industry best practices and regulatory requirements, in alignment with the risk appetite and business requirements.
- Collaborate with various stakeholders across the organization to manage the lifecycle of a control, including new controls, modification to existing controls, or retirement of existing controls.
- Assist with the Information Security Management System (ISMS) program delivery.
- Facilitate, provide oversight and consulting for various formal and informal internal and external audits.
- Work with leadership to prioritize initiatives to align with strategic goals.
- Act as a source of direction, training, and guidance for less experienced staff.
- Champion the remediation of visibility and capability gaps and break down roadblocks standing in the way of a robust security posture.
- Enable the maturation of the security program functions within the cybersecurity team and with key business partners.
- Research and interpret industry insights and best practices, along with interpreting impact of requirements from governing authorities.
- Uphold company mission and values through accountability, innovation, integrity, quality, and teamwork.
- Support and comply with the company’s Quality Management System policies and procedures.
- Maintain regular and reliable attendance.
- Ability to act with an inclusion mindset and model these behaviors for the organization.
- Ability to travel 10% of working time away from work location, may include overnight/weekend travel.
Minimum Qualifications
- Bachelor’s Degree in field related to essential duties; or Associate Degree and 2 years of relevant experience; or High School Diploma or General Education Degree (GED) and 4 years of relevant experience.
- 5+ years of professional compliance experience with security, IT, and/or privacy authoritative sources (e.g., HITRUST, NIST, ISO, SOX, HIPAA, PCI, GDPR, AICPA TSC).
- 2+ years in a HITRUST environment, including experience with achieving HITRUST certification.
- Experience assessing control operation and design effectiveness, including risk mitigation, using SOC2 reports, security assessments, penetration testing results, vulnerability assessments, ITGC reviews, SOX audits, etc.
- Experience presenting compliance and risk mitigation concepts and controls rationalization to internal and external stakeholders.
- Able to organize and track compliance requests; strong project management skills a plus.
- Solid grasp of security governance, risk, and compliance concepts.
- Technically proficient in performing assigned duties at a high level of independence under minimal supervision while working within a team environment.
- Demonstrated leadership skills, ability to drive change in a complex environment, where you may/may not have formal reporting responsibility.
- Excellent communication skills, appropriately adapting based on audience needs, through all mediums: verbal, written, presentation, and listening.
- Able to be agile and work with ambiguity.
- Relevant certification(s) in the field of cybersecurity, risk, audit, or program/project management.
- Proficient+ in Microsoft Office programs, such as PowerPoint, Excel, Outlook, and Word.
- Demonstrated ability to perform the essential duties of the position with or without accommodation.
- Authorization to work in the United States without sponsorship.
Preferred Qualifications
- Familiarity with MyCSF, HITRUST’s SaaS platform, a plus; fluency with MyCSF plus-plus.
- Experience with enterprise GRC management platforms (e.g., ServiceNow, OneTrust); implementation experience a plus.
- Experience in healthcare or biotech industries.
If you need any assistance seeking a job opportunity at Exact Sciences, or if you may require a reasonable accommodation with the application process, please call our Recruitment Coordinator at 608-535-8841 or email hr@exactsciences.com.
We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to age, color, creed, disability, gender identity, national origin, protected veteran status, race, religion, sex, sexual orientation, and any other status protected by applicable local, state or federal law. Applicable portions of the Company’s affirmative action program are available to any applicant or employee for inspection upon request.