GRC Risk Manager / Sr. Analyst
Conduct comprehensive risk assessments to identify potential security vulnerabilities and threats. This involves evaluating existing security measures, analyzing system configurations, and assessing the potential impact and likelihood of risk.
Develop strategies and recommendations to minimize security risks based on risk assessment findings. This may involve working with business and technology stakeholders to implement additional security controls, updating policies and procedures, or providing training and awareness to employees.
Develop methods to monitor and measure risk and report on business impact to key stakeholders and leadership teams.
Work with risk owners to triage new risks by leading them through the risk intake and risk response process and formally recording all new risks in the risk management system.
Collaborate with cross-functional teams, such as IT, legal, compliance, and senior management, to ensure a holistic approach to security risk management.
Communicate effectively to educate and raise awareness about security risks and promote a culture of security throughout the organization.
Oversee the execution of the Third-Party Risk Management (TPRM) program.
Perform focused third-party risk assessments on existing and new vendors.
Communicate risk assessment findings to vendor relationship managers.
Develop and monitor vendor remediation actions, mitigation, and contingency plans when risks or events are identified.
3+ years of work experience in a third-party risk management, information security, risk management, and/or IT audit role
BA or equivalent, relevant experience
3+ years of experience with regulatory compliance
Previous experience with the Health Insurance Portability and Accountability Act (HIPAA)
Knowledge of the NIST Risk Management Framework (RMF) standards.
Knowledge of the NIST 800-53 control standards.
Netsmart is proud to be an equal opportunity workplace and is an affirmative action employer, providing equal employment and advancement opportunities to all individuals. We celebrate diversity and are committed to creating an inclusive environment for all associates. All employment decisions at Netsmart, including but not limited to recruiting, hiring, promotion and transfer, are based on performance, qualifications, abilities, education and experience. Netsmart does not discriminate in employment opportunities or practices based on race, color, religion, sex (including pregnancy), sexual orientation, gender identity or expression, national origin, age, physical or mental disability, past or present military service, or any other status protected by the laws or regulations in the locations where we operate.
Netsmart desires to provide a healthy and safe workplace and, as a government contractor, Netsmart is committed to maintaining a drug-free workplace in accordance with applicable federal law. Pursuant to Netsmart policy, all post-offer candidates are required to successfully complete a pre-employment background check, including a drug screen, which is provided at Netsmart’s sole expense. In the event a candidate tests positive for a controlled substance, Netsmart will rescind the offer of employment unless the individual can provide proof of a valid prescription to Netsmart’s third-party screening provider.
All applicants for employment must be legally authorized to work in the United States. Netsmart does not provide work visa sponsorship for this position.