Compliance Analyst
Job Description
Description
The Compliance & Security Analyst will assist in development, auditing, monitoring, training, and improvement of multiple corporate compliance programs encompassing Information Security, Physical Security, Quality Management, Privacy and customer specific programs as needed. This position will provide matrixed support across departmental boundaries, facilitating improved alignment of compliance programs throughout the company. The position will serve as Facility Security Officer (FSO) and will be responsible for ensuring compliance with all government security regulations and procedures to include the implementation and maintenance of security procedures as required by the National Industrial Security Manual (NISPOM).
At Commence, we’re the start of a new age of data-centric transformation, elevating health outcomes and powering better, more efficient process to program and patient health. We combine quality data-driven solutions that fuel answers, technology that advances performance, and clinical expertise that builds trust to create a more efficient path to quality care.
With human-centered, healthcare-relevant, and value-based solutions, we create new possibilities with data. We provide proof beyond the concept and performance beyond the scope with a focus on efficiencies that transform the lives of those we serve. With a culture driven by purpose, straightforward communication and clinical domain expertise, Commence cuts straight to better care.
Requirements
- Develop and implement security policies and procedures in compliance with government regulations, including but not limited to the National Industrial Security Program Operating Manual (NISPOM).
- Partner with third party auditors and fulfill their requests by acting as a single point of contact for internal information collection activities.
- Identify requirements for audit control criteria to meet stakeholder needs.
- Manage and oversee physical security measures, including access control, visitor management, and security systems.
- Coordinate with government agencies and external security personnel as needed.
- Investigate and report security incidents and violations to appropriate authorities.
- Manage and maintain security-related documentation and records, including incident reports and security clearance records.
- Provide guidance and support to employees on security-related matters.
- Partner with operations teams to implement processes supporting compliance controls.
- Collaborate with key stakeholders to communicate compliance initiatives and approaches.
- Review established documentation and suggest modifications of existing policies—or establishment of new ones—in pursuit of operating excellence with predetermined frequency.
- Prepare reports, documentation, project updates and data for both internal and external partners.
- Develop, coordinate, and deliver training related to compliance programs as part of employee onboarding, annual refresher training and ad hoc as needed. Ensure required documentation of completed training is recorded and maintained.
- Maintain the company’s security policies. These are formal policies that detail and document actual mechanisms and controls.
- Assist with the ongoing maintenance and exercise of the company’s Security Procedures that include Disaster Recovery and Business Continuity Plans, Security Incident Response and process protocols including Incident Reporting and Sanctions.
- Coordinate periodic reviews of all formalized management process documents, ensuring version control.
- Conduct internal audits across departments on a scheduled and ad hoc basis.
- Serve and fulfill duties as the organizational Facility Security Officer and Privacy Officer.
- Carry out other compliance, reporting or administrative duties as directed.
Qualifications
- Bachelor’s degree in business, information technology or other complementary discipline or equivalent experience with 3-5 years of experience.
- Previous experience in an information technology role.
- US Citizen
- Knowledge of NISPOM requirements
- Must complete or have completed requirements for FSOs
- Expertise with business productivity applications including Microsoft Office.
- Excellent written and verbal communication skills.
- Flexibility to travel on occasion to conduct activities in support of audits.
- IT Security related certifications are a plus (e.g., CISSP, SSCP, CISM, GIAC, CISA, etc.).
- Preference will be given to candidates with previous experience pursuing one or more compliance mandates (e.g., ISO 27001, PCI DSS, HITRUST, etc.) or audit and reporting frameworks (e.g., NIST, SOC, etc.).
- Receive and maintain a favorable adjudication for a National Agency Check with Law and Credit (NACLC) background investigation.
Additional Requirements
- Exposed to confidential information and expected to always maintain confidentiality; must adhere to rules and regulations in accordance with company directives.
- May be required to work outside of normally scheduled hours as mandated by the client, project and/or workload (e.g. evenings, weekends, and/or holidays).
- Required to maintain established work pace, meet deadlines; may have last minute urgent requests.
Commence is an equal employment opportunity employer. All personnel processes are merit-based and applied without discrimination on the basis of race, color, religion, sex, sexual orientation, gender identity, marital status, age, disability, national or ethnic origin, military and veteran status or any other characteristic protected by applicable law.
If you need assistance or an accommodation due to a disability, you may contact us at 757-306-4920 or [email protected]