Information Security GRC Analyst Job at Mom's Meals, a PurFoods Company, Ankeny, IA

bERxVXhCdThYTVlYTEpXdk9ldHhOTDhqR0E9PQ==
  • Mom's Meals, a PurFoods Company
  • Ankeny, IA

Job Description

Position Summary

We are seeking a proactive and detail-oriented Governance, Risk, and Compliance (GRC) Analyst to join our growing Information Security team. In this role, you will support the development, implementation, and maintenance of the companys GRC framework, ensuring compliance with healthcare regulations, privacy standards, and risk management principles. You will assist in activities related to HIPAA, HITRUST, and third-party risk assessments while collaborating closely with cross-functional teams to safeguard sensitive health data, including Protected Health Information (PHI). This role will report to the GRC Team Lead.

This position can be hybrid but must be local to the Des Moines, IA or surrounding area to work onsite as needed (multiple days during training, then 1-2 times/month) and when others from the team are onsite.

At this time, we are NOT considering applicants that require immigration sponsorship (additional work authorization or permanent work authorization) now or in the future to work in the United States. This includes, but IS NOT LIMITED TO: F1-OPT, F1-CPT, H-1B, TN, L-1, J-1, etc.

Position Responsibilities may include, but not limited to

  • Governance & Risk Management: Contribute to the ongoing development and maintenance of the GRC framework, policies, and procedures, ensuring alignment with regulatory requirements, privacy standards, and business objectives, particularly regarding PHI protection
  • HITRUST Certification: Assist with the HITRUST certification process by gathering necessary documentation, participating in assessments, and ensuring that audits are up to date and complete
  • Third-Party Risk Assessments: Aid in conducting third-party risk assessments, ensuring that vendors comply with required security and privacy regulations.
  • Collaboration with Cross-Functional Teams: Collaborate with internal teams (e.g., Compliance, Legal, IT) to align risk management practices across the organization and support the overall governance strategy
  • Risk Reporting & Analysis: Contribute to the identification and assessment of key risks, helping to produce reports that provide actionable insights
  • Continuous Improvement: Stay up to date with industry trends, regulatory changes, and emerging risks to ensure that the companys GRC practices remain effective and relevant
  • Training & Awareness: Promote risk awareness within the organization and provide training and guidance on key regulations
  • Oversee tools that highlight data classification inside of the enterprise
  • Assist in monitoring security logs and daily activities for suspicious behavior and escalate incidents as necessary
  • Assist with the drafting, reviewing, and updating of information security policies to ensure alignment with regulatory requirements and best practices for healthcare organizations
  • Actively support the organization's incident response efforts, including assisting in the investigation, containment, and remediation of security incidents
  • Be part of the on-call rotation for incident response, providing critical support during after-hours or emergency security incidents

Required Skills and Experience

  • Proven experience (3+ years) in GRC or risk management, with a strong focus on governance and risk
  • Hands-on experience supporting the management of HITRUST certification
  • Strong understanding of risk management principles, frameworks, and methodologies (e.g., NIST, ISO 27001)
  • Knowledge of regulatory compliance such as HIPAA, HITRUST, GDPR, CCPA, and PCI DSS
  • Experience working with cross-functional teams to drive security and risk initiatives
  • Experience in conducting or supporting third-party risk assessments, especially in relation to healthcare data security and privacy
  • Excellent communication skills with the ability to explain complex risk and governance concepts to both technical and non-technical stakeholders
  • Strong analytical and problem-solving skills
  • Ability to work independently and manage multiple priorities in a fast-paced environment
  • Strong organizational and time management skills
  • Continuous drive to learn and grow professionally in the fields of GRC and information security

Preferred Skills and Experience

  • Relevant certifications (e.g., Security+, CRISC, CISM, CISSP)

Physical Requirements

  • Repetitive motions that include the wrists, hands and/or fingers
  • Sedentary work that primarily involves sitting, remaining in a stationary position for prolonged periods
  • Visual perception to perform job including peripheral vision, depth perception, and the ability to adjust focus
Mom's Meals, a PurFoods Company

Job Tags

Permanent employment, Local area, H1b,

Similar Jobs

The Dominick

Senior Group Sales Manager Job at The Dominick

 ...Responsibilities The Dominick Hotel is a luxury Five Diamond Four Star hotel in the SoHo neighborhood of New York City. The Group Sales Manager will prospect, manage and develop key accounts for a sales territory structured by defined markets. They will work closely with... 

Insite Risk Management

Physical Security Systems Project Manager Job at Insite Risk Management

 ...individual to serve as a senior Project Manager in our Physical Security Systems group, which manages technologies related to access...  .... Coordinate with internal stakeholders, external vendors, contractors, and technology providers to identify, track, and remediate open... 

Veridic Solutions

Python Developer Job at Veridic Solutions

 ...Job Description Sr Python Developer/AWS with AI/ML experience a MUST Reston, VA for 3 days onsite for 12+ month extendable contract The Enterprise Innovation team is looking for a Senior Software Engineer to help turn innovation concepts and ideas into applications... 

Headway

Licensed Mental Health Therapist (Virtual) Job at Headway

 ...clients you see through Headway, so that you can set the hours that work for you. Grow your caseload by providing marketing support and...  ...patients in-person or remotely via telehealth while working from home. We accept the following licenses on a state by state basis:... 

Planet Pharma

Research Scientist, Biology Job at Planet Pharma

 ...high data integrity and reproducibility. Required Qualifications: BS/MS in Neuroscience, Pharmacology, Physiology, Cell Biology, or a related field. Minimum 3 years of hands-on experience in vitro pharmacology in academic, biotech, or pharmaceutical settings...