
GRC Analyst

Team: GRC
Department: Information Technology
Location: Remote
Commitment: Full-time
Summary
Are you ready to join a growing team that puts a premium on productivity and has an award-winning culture, centered around transforming talented employees into effective business leaders?
 
Then Bankers Healthcare Group is the place for you. We offer innovative financial solutions to licensed and highly-skilled professionals, representing the best of both traditional lending and fintech, and are looking for passionate, impact players to help take our company to the next level.
 
At BHG, you’ll become immersed in the finance industry—with a variety of loan solutions, credit cards, patient financing, bank programs, and collections services, which have helped BHG become one of the leading providers of finance solutions.
 
With over 18 years in business, we have the stability of an established company with the speed and agility of a startup, where ingenuity and risk-taking are encouraged, and every employee has the opportunity to learn, grow and thrive. 

Who You Are

The GRC Security Analyst will plan and implement policies, procedures, standards, and controls to govern the protection of corporate information systems, networks, and data. The GRC Security Analyst will stay up to date on the latest cybersecurity intelligence, including hackers' methodologies, in order to modify standards and controls that govern cybersecurity across the corporation.
What You'll Do
  • Perform control assessments against the corporate cybersecurity framework
  • Perform review of policies and supporting procedures/processes
  • Perform assessments of adherence to standards
  • Work closely with management on security practices
  • Assess 3rd party vendors for adherence to standards
  • Develop routine reports in accordance with GRC metrics
  • Stay on top of changes in the industry as they relate to security
  • Other security-related projects that may be assigned according to skills 
  • Assist in maturing the Information Security Risk Management Program by helping to define an IS risk register which includes identifying threats and risks to the organization
  • Meet with business stakeholders to identify top security risks
  • Assist in performing IS self-assessments to ensure systems and applications are complying with corporate policies, applicable regulatory and legal requirements, and leading industry practices
  • Assist in developing and driving the implementation of security best practices and standards to mature the overall IS Risk Management Program which includes defining security system and application standards of control
  • Assist in performing Third Party Risk Assessments for new and existing vendor tools, on-premises implementations, and third parties with access to the environment.
  • Assist in maturing the Third Party Risk Management program by defining security controls based on tiers of vendors.
  • Articulate identified risks to the business for remediation, mitigation and sign-off.
  • Investigate incidents and events that include potential HIPAA and other data breaches, data leakage, brand reputational risks, malware propagation, system compromises, etc.
  • Assist with the Data Governance Program which includes defining a Data Classification and Handling Program, identifying Data Owners, and assisting with the design and implementation of a Data Classification
  • Assist in developing and maintaining Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for the Data Governance Security Program and initiatives.
  • Assist in the management and maintenance of the enterprise-wide IS Security Awareness Program, which includes phishing simulations, computer-based training, proactive communications on the latest threats, workshops and newsletters.
  • Assist in developing enterprise and functional team specific presentations to promote a security mindset
  • Work with the GRC Manager to ensure the Information Security team stays abreast of new regulatory, legal and/or compliance data security requirements.
What You'll Need
  • Bachelor’s Degree, ideally in Computer Engineering, Computer Science, or Information Systems Management or equivalent work experience in the field of Cybersecurity
  • Possess current security certifications (e.g., Security+, CISSP, CEH, SANS) or be willing to obtain within 1 year of assignment.
  • 1-2 years' experience in an Information Security Risk Management program
  • Understanding of information system standards
  • Understanding of cybersecurity frameworks (ISO, NIST, HiTrust, COBIT, etc.)
  • Strong documentation and communications skills
Life at BHG
At BHG, we work hard and aren't afraid to take risks. Since the beginning, our core values of PMA (positive mental attitude), team player and loyalty have been the driving force behind every interaction we have between each other and our customers. We have a healthy respect for the daily grind, yet we value work/life balance. We believe that all employees should have the opportunity to lead and that good ideas can come from anyone. From the top-down, our leaders are actively involved not only in strategic oversight and running the business, but also in the well-being and growth of all employees. We consider people our #1 asset, and help employees realize their full potential, set and exceed their goals, and explore new opportunities for personal and professional development.
Why You Should Join BHG

We strive to offer amenities, opportunities, events, and programming that support the interests of our teams, while furthering the culture that makes us Great Place to Work® certified. Some of the benefits you can expect when you join BHG include:

  • 100% coverage of monthly health insurance premiums
  • Competitive PTO and vacation policies
  • Company 401(k) plan with employer contributions after one year
  • On-site gym access and memberships, with personal trainers, and certified nutritionists on staff
  • Company-sponsored training and certification opportunities
  • Monthly award ceremonies where top achievers are celebrated and receive additional bonuses
  • Ongoing volunteer opportunities to give back to the community through our BHG Cares program
If you’re ready for a career where you can exercise your passions, be surrounded by co-workers who are relentlessly committed to service, and have a team-player mindset, apply today!
Bankers Healthcare Group is committed to equal treatment and opportunity in all aspects of recruitment, selection, and employment without regard to gender, race, religion, national origin, ethnicity, disability, gender identity/expression, sexual orientation, veteran or military status, or any other category protected under the law. Bankers Healthcare Group is an equal opportunity employer, committed to a community of inclusion and an environment free from discrimination, harassment, and retaliation.