Overview Senior Talent Consultant at The Emery Company Information Security Analyst - Governance Risk & Compliance - LVL II Project and Requirements Design and implement a scalable cloud and third-party cybersecurity risk management framework aligned with NIST, ISO 27001, and other relevant standards. Develop and maintain risk assessment procedures and questionnaires tailored for cloud services and third-party applications. Define security review workflows for vendor onboarding, contract renewals, and offboarding. Integrate cybersecurity risk activities with procurement, legal, and enterprise architecture processes. Conduct technical and compliance assessments focusing on data classification, regulatory alignment (e.g., HIPAA, CJIS, PCI, GDPR), encryption, and access controls. Review vendor responses to security questionnaires and validate supporting documentation (e.g., SOC 2 reports, ISO certifications, penetration test results). Analyze risks associated with APIs, SaaS integrations, homegrown plug-ins, and third-party application stores. Role and Responsibilities Collaborate with internal stakeholders to define third-party cybersecurity roles and responsibilities. Partner with legal and procurement to ensure contracts include appropriate security terms (e.g., data handling, breach notification, audit rights). Provide security guidance to project teams evaluating or implementing cloud-based or externally hosted solutions. Scheduled Milestones and Deliverables Support the development of cloud security baselines and governance controls. Recommend mitigation strategies and track remediation efforts. Evaluate cloud service configurations (e.g., AWS, Azure, Google Cloud, SaaS platforms) for alignment with enterprise security policies and industry best practices. Metrics to Measure Performance Maintain and update a centralized inventory of critical cloud services and third-party vendors. Develop and present risk dashboards and executive-level summaries to communicate risk posture and assessment outcomes. Track security exceptions, risk acceptance approvals, and remediation timelines across third-party engagements. Participate in governance forums such as the Cybersecurity Review Committee (CRC) and provide input on vendor-related risks. Seniority level Mid-Senior level Employment type Full-time Job function Analyst, Information Technology, and Quality Assurance Industries: Government Administration Note: This description retains the original job information while removing irrelevant postings and ensuring proper HTML structure. #J-18808-Ljbffr The Emery Company, LLC
...Medication Courier Driver: Are you looking to supplement your current income? Priority Dispatch is looking for reliable Delivery Drivers to work as Independent Contractors to deliver medications to long-term care facilities in Ohio. Available Shifts: ~ Monday...
...Nurse Practitioner 3327 Primary Care opening in NYC *Nurse Practitioner needed for a 100% outpatient, office-based practice. Fluency... ...). *Salary around $140,000. Full benefits. *New graduates welcome! Great training provided!*All inquiries and conversations...
...to promote well-being and inspire your best work. Job Summary: Works with hospitals eligible for the 340B program to ensure compliance with state/federal defined rules and regulations associated with the program. Assists facilities in maximizing appropriate...
...Physician Assistant / Nurse Practitioner (ACNP) Atlanta, GA We are the top outpatient Urology group in the Atlanta area and we are seeking an APP to join our team. We are open to Nurse Practitioners (ACNP please) or a Physician Assistant. We are hiring...
...are always looking for exceptional people who share our love for fashion, the customers we serve, the merchandise we sell, and the work... ...your sales Creation of content for Instagram and Tik Tok Assist in online inventory management and order fulfillment for...