Associate Security Analyst, Risk and Security

Associate Security Analyst, Risk and Security

Apply remote type Remote locations Remote, TX Default Location time type Full time posted on Posted 3 Days Ago job requisition id R25_0000000357

Company Description

PG Forsta is the leading experience measurement, data analytics, and insights provider for complex industries—a status we earned over decades of deep partnership with clients to help them understand and meet the needs of their key stakeholders. Our earliest roots are in U.S. healthcare –perhaps the most complex of all industries. Today we serve clients around the globe in every industry to help them improve the Human Experiences at the heart of their business.

Like all great companies, our success is a function of our people and our culture. Our employees have world-class talent, a collaborative work ethic, and a passion for the work that have earned us trusted advisor status among the world’s most recognized brands. As a member of the team, you will help us create value for our clients, you will make us better through your contribution to the work and your voice in the process. Ours is a path of learning and continuous improvement; team efforts chart the course for corporate success.

Our Mission:

We empower organizations to deliver the best experiences. With industry expertise and technology, we turn data into insights that drive innovation and action.

Our Values:

• Energize the customer relationship: Our clients are our partners. We make their goals our own, working side by side to turn challenges into solutions.
• Success starts with me: Personal ownership fuels collective success. We each play our part and empower our teammates to do the same.
• Commit to learning: Every win is a springboard. Every hurdle is a lesson. We use each experience as an opportunity to grow.
• Dare to innovate: We challenge the status quo with creativity and innovation as our true north.
• Better together: We check our egos at the door. We work together, so we win together.

• Requesting, submitting and filing artifacts related to the completion of third-party audits including, but not limited to HITRUST CSF, SOC 2, ISO 27001, FedRAMP, TX-RAMP and contractually required frameworks.
• Responding to requests for information about the PG Forsta security program and the security of PG Forsta’s products.
• Evaluating the security of PG Forsta vendors as part of the third-party risk management program.

• Work with external auditors to interpret audit requests into actionable requests and provide responses.
• Collect and review evidence of technical control implementation and report on deficiencies and control failure.
• Communicate significant control and compliance risk to management.
• Identify opportunities for improvement in response and evidence collection by consolidating audit requirements.
• Identifying areas that would support automating evidence collection.
• Supporting an ongoing audit-friendly culture.

• Collect and update information in the organization’s Risk and Security knowledge repositories.
• Respond to requests for information about PG Forsta’s security program and Risk and Security topics related to the organization’s products.
• Collect information and provide responses to risk and security topics related to the work they perform.

• Monitor and audit people, processes, and technology to ensure compliance with approved policies.
• Complete tasks associated with internal controls monitoring and report on collection difficulties or escalate to management as appropriate.
• Assist with the documentation of computer security and emergency measures policies, procedures, and tests.

• Work with Legal, Technology, and other business partners to communicate, translate and maintain controls that protect data and appropriately manage its lifecycle.
• Identify and communicate risks relating to PG Forsta data, systems, and personnel as discovered.

The expected base salary for this position ranges from $54,000 to $70,000. It is not typical for offers to be made at or near the top of the range. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, licensure or certifications obtained. Market and organizational factors are also considered.

Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At Press Ganey we are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.

Additional Information for US based jobs:

Press Ganey Associates LLC is an Equal Employment Opportunity/Affirmative Action employer and well committed to a diverse workforce. We do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, veteran status, and basis of disability or any other federal, state, or local protected class.

All your information will be kept confidential according to EEO guidelines.

Our privacy policy can be found here: https://www.pressganey.com/legal-privacy/