Governance, Risk, and Compliance

Posted:
9/18/2024, 9:55:28 AM

Location(s):
Texas, United States

Experience Level(s):
Mid Level ⋅ Senior

Field(s):
IT & Security

Workplace Type:
Remote

The GRC (Governance, Risk, and Compliance) Security Analyst 3 plays a crucial role in ensuring that Akumin’s governance, risk, and compliance practices align with internal and external security policies and regulations. This position will lead third party risk management, policy development, compliance auditing, risk assessments, and security frameworks. 
Specific duties include, but are not limited to:

  • Risk Management: Identifying, assessing, and mitigating risks related to information security, compliance, and business operations.

  • Governance: Ensuring that the organization follows best practices in cybersecurity, risk, and compliance governance.

  • Audit Support: Leading or assisting with internal and external security audits, including remediation of findings.

  • Compliance Management: Monitoring regulatory requirements and ensuring the organization adheres to relevant laws and standards, including maintaining SOC2 compliance.

  • Security Awareness: Developing and managing training programs to enhance security awareness within the organization.

  • IT & Security Policy Development: Defining and implementing security policies, standards, and procedures for the organization.

Position Requirements:

  • Bachelor's Degree in IT Security, Computer Science or equivalent experience.

  • A valid and active certification in GRC or security assurance.

  • 5+ years of experience in GRC, cybersecurity, or IT audit roles, with a focus on compliance, risk management, or security.

  • Experience with regulatory compliance such as GDPR (General Data Protection Regulation), SOX (Sarbanes-Oxley Act), and HIPAA (Health Insurance Portability and Accountability Act).

  • Experience with governance tools for managing a risk register, third party risk management, control management, and self-assessments.

  • Communication: Strong verbal and written communication skills to collaborate with technical and non-technical teams and explain complex security topics to stakeholders.

  • Analytical Thinking: Ability to analyze risks, develop action plans, and assess security gaps.

  • Problem-Solving: Creative problem-solving skills in developing security strategies and solutions.

  • Leadership and Collaboration: Capable of working with cross-functional teams and leading projects related to compliance and risk management initiatives.

Preferred (one or more):

  • Certified Information Systems Auditor (CISA)

  • Certified in Risk and Information Systems Control (CRISC)

  • Certified in Governance, Risk, and Compliance (CGRC)

  • Certified Information Systems Security Professional (CISSP)

  • Governance, Risk and Compliance Professional (GRCP)

  • ITIL (Information Technology Infrastructure Library)

  • Or other relevant GRC or security assurance certifications.

  • Cloud Security: Knowledge of cloud security standards and frameworks (e.g., Azure, AWS, GCP).

  • Familiarity with regulations such as GDPR, HIPAA, SOX, and PCI-DSS, and how they influence security policies and frameworks.

  • Framework experience in ISO 27001, NIST CSF, HITRUST CSF, and CIS Controls.

Physical Requirements:

Standard office environment.

More than 50% of the time:

  • Sit, stand, walk.

  • Repetitive movement of hands, arms and legs.

  • See, speak and hear to be able to communicate with patients.

Less than 50% of the time:

  • Stoop, kneel or crawl.

  • Climb and balance.

  • Carry and lift 10-20 lbs.

Residents living in CA, NY, Jersey City, NJ, WA and CO click here to view pay range information.

Akumin Operating Corp. and its divisions are an equal opportunity employer and we believe in strength through diversity. All qualified applicants will receive consideration for employment without regard to, among other things, age, race, religion, color, national origin, sex, sexual orientation, gender identity & expression, status as a protected veteran, or disability.