Job DescriptionThe Governance Analyst, IT Governance, Risk, & Compliance will assist with the formation and execution of data governance framework, policy, and standards. This will include the application of technical knowledge and tools to enhance and improve IT governance practices and principles to increase assurance of continuous compliance. This role will require creating and implementing work processes that follow organizational standards, and ensuring that policies align with external regulations. The position will require communication across the organization, and require collaboration with leadership and staff in the compliance, audit, and IT organizations.ESSENTIAL FUNCTIONSGovernancePrivileged Access ManagementOnboarding and termination processesSegregation of DutiesAppropriateness of privilegePolicy Development Documents processes to measure and implement Security Policy aligned with a globally-accepted best practice framework, such as NIST CSF or ISO 27000Procedure Development - Working with all IT teams, develops and maintains procedures to provide full support for the Security PolicyTraining - Ensures IT staff are adequately trained to understand the risks & controls for which they are responsibleIdentity and Access Management Document, implement, and support processes and solutions related to identityIncident Response Documents, tests, trains employees and executes responses to cyber security breaches Effectiveness Testing - Constantly tests the control environment to ensure it is operating effectively and efficientlyReporting - Periodically reports metrics related to measurement and reduction of organizational riskOKRs & KPIs - Develops, monitors, regularly reports, and ensures adherence to OKRs & KPIs for IT governanceRisk ManagementVulnerability Management Documents and enhances processes to identify, prioritize, and validate completion of remediation activities related to vulnerabilitiesPatching Documents and enhances processes to prioritize, remediate and validate patches for operating systems, applications, and hardware in the enterpriseRisk Management - Assist in the development & management of all IT POAMs3rd Party Assessment Program Documents and enhances processes to assess Third Party vendors for risk, security posture, and alignment with IT Security PoliciesSecurity Awareness Measure and quantify risk to prioritize security awareness communications and training AuditAssists in creating desktop policies, processes, and procedures to support internal and external audit control testing, including but not limited to; HIPAA, SOX, CCPA. Support as needed to gather evidence related to IT General ControlsAnalyze and improve processes related to ITGC testing to implement, measure and enforce IT PolicyIT Control Execution Customer Audits Ensures all customer compliance commitments are met at all timesComplianceRegulatory Compliance - Responsible to document, streamline, and mature IT General Controls to support compliance for HIPAA, SOX, & CCPA IT Audit Compliance - Support the timely execution of IT General Control testing activities as requiredPOSITION QUALIFICATIONS Education / ExperienceBachelor's Degree in Computer Science, Computer Engineering, or Information Security / Cyber Security, or equivalentcombination of education, training, and experienceISC(2) CISSP certificate preferredISACA CISM certificate preferredITIL & GIAC certificates a plusSkills & ExperienceMinimum 3 years of experience in a full-time Information Security contributor roleAudit Management - Understanding of normalized audit processes / methods, goals, motivations, and desired outcomesCompliance Knowledge of regulatory requirements and industry standards such as HIPAA, HITRUST, SOX, SOC, NIST CSF, ISO 27000, & CCPA.Governance - Can build and maintain easy to understand, easy to follow, and easy to audit policies, procedures, controls, narratives, and other common components of an enterprise IT GRC program.We value our team members and realize the importance of benefits for you and your family.LogistiCare offers a comprehensive benefits package to include the following:Medical, Dental, and Vision insuranceMedical, Dental, and Vision insuranceEmployer Paid Basic Life Insurance and ADVoluntary Life Insurance (Employee/Spouse/Child)Health Care and Dependent Care Flexible Spending AccountsPre-Tax and Post Tax Commuter and Parking Benefits401(k) Retirement Savings Plan with Company MatchPaid Time OffPaid Parental LeaveShort-Term and Long-Term DisabilityTuition ReimbursementEmployee Discounts (retail, hotel, food, restaurants, car rental and much more!!)Salary: $67,466 - 89,955 annuallyModivCare is an equal opportunity and affirmative action employer. We strive to promote and sustain a culture of diversity, inclusion and belonging every day. We do not discriminate in recruiting, hiring or promotion based on race, ethnicity, sex/gender, sexual orientation, gender identity or expression, age, disability or protected veteran status or on any other basis or characteristic prohibited by applicable federal, state, or local law. We proudly support and encourage people with military experience (active, veterans, reservists and National Guard) as well as military spouses to apply for open job opportunities.