This job was posted by : For more information, please see: Looking for similar profile to what is listed below but more junior. HM is not looking for a cybersecurity compliance expert but having the basic knowledge of security controls and compliance is a requirement. need to be able to speak to experience-driven examples of the basic security control frameworks (NIST, ISO, HIPAA) to demonstrate knowledge. Supporting audits, gathering evidence, working with all necessary folks including controllers for audits, experience with internal and external audits from start to finish preferred Position Overview The Cybersecurity Compliance Analystwill help define, implement, manage, and maintain cybersecurity compliance to meet or exceed requirements for in-scope security, legal, and regulatory frameworks. This role will be responsible for leading the cybersecurity compliance efforts for the enterprise as well as continuing the advancement of the compliance program. This is a multi-dimensional role, requiring cybersecurity compliance and business integration experience with proven capability in both technical skills and cultural awareness to build partnerships and provide best-in-class compliance management and support. Essential Duties Include, but are not limited to, the following: Lead cybersecurity compliance initiatives for Exact Sciences that include coordinating internal and external cybersecurity compliance audits, scheduling meetings, gathering evidence, managing timelines and advising stakeholders. Perform professional day-to-day execution of cybersecurity compliance activities, internal/external audit engagements and projects that focus on customer service and support. Build partnerships and collaborate with colleagues across all levels by providing cybersecurity compliance and audit support, evidence collection and validation, control enhancement, and process improvement recommendations. Assist in the creation of compliance procedures, guidelines, control narratives and work instructions. Conduct gap analyses, review audit results, and participate in the identification of root causes to support and monitor remediation plans, recommend preventive actions, and report metrics. Monitor cybersecurity control processes developed to ensure adherence to compliance guidelines, internal policies, and regulatory requirements, including SOX, HIPAA, FDA, HITRUST, PCI-DSS, etc. Act as a subject matter expert (SME) for cybersecurity compliance related procedures, requirements, and audit activities. Work with leadership to prioritize compliance initiatives to align with business objectives. Assist with the continued advancement of the cybersecurity compliance program through the review of IT process narratives, compliance awareness efforts, process improvement strategies and risk and control mapping. Support business enablement objectives in alignment with cybersecurity compliance best practices and regulatory requirement. Must be able to take initiative, be dependable, and work with little supervision while being resilient to change. Uphold company mission and values through accountability, innovation, integrity, quality, and teamwork. Support and comply with the company\’s Quality Management System policies and procedures. Maintain regular and reliable attendance. Ability to act with an inclusion mindset and model these behaviors for the organization. Ability to travel 5% of working time away from work location, may include overnight/weekend travel. Perform other cybersecurity compliance related tasks as needed. Minimum Qualifications Bachelor\’s degree in information technology, business, or related field; or high school degree/general education diploma (GED) and 4 years of relevant experience in lieu of bachelor\’s degree. Prior experience and knowledge of regulatory requirements and control frameworks (e.g., SOX, HIPAA, HITRUST, PCI-DSS, ISO 27001, FDA, NIST 800-53. Demonstrated ability to perform the essential duties of the position with or without accommodation. Authorization to work in the United States without sponsorship. Preferred Qualifications Excellent interpersonal and communication skills. Demonstrated ability to operate in a cross cultural and complex matrix environment with the ability to build consensus across functions. Prior experience working in an audit-related role with an emphasis on cybersecurity compliance, operations and/or security controls. Cybersecurity certification (CISA, CRISC, CISM, CISSP, Security +, CC) Beacon Hill is an Equal Opportunity Employer that values the strength diversity brings to the workplace. If you would like to complete our voluntary self-identification form, please click here or copy and paste the following link into an open window in your browser: Completion of this form is voluntary and will not affect your opportunity for employment,
ISO standards Security HIPAA Cybersecurity Certified Information Security Manager (CISM) sox PCI DSS Certified Information Systems Security Professional (CISSP)