IT/IS GRC Consultant

As the healthcare industry continues to rapidly transform, our IT team conceives, develops and delivers impactful technology solutions to support access to quality, affordable healthcare for our members. We are driven by our collective company purpose: To do everything in our power to stand with our members in sickness and in health®. Our IT team unleashes the power of this purpose through technology. We come to work every day to make a difference, and we deliver the highest quality and best solutions to our members.

Job Purpose:

This position is responsible for the planning, design, enforcement and audit of information technology and information security policies, standards and procedures which safeguard the integrity of and access to enterprise systems, files and data elements; analyzing, tracking and acting on information technoloyg or information security policy exceptions, audits and assessments; Maintaining knowledge of changing technologies, and provides recommendations for adaptation of new technologies, processes or policies; recognizing and identifying potential areas where existing informatio technology or information security policies, standards and procedures require change, or where new ones need to be developed, especially as a result of future business expansion and technology advances; providing management with analysis via risk assessments and briefings / reports to advise them of critical information technology / information security issues that may affect the companys business objective and / or compliance; collaborating with and feeds IT risk information into the Enterprise Risk Management program. Works closely with Legal, Privacy and Marketing/Sales to review and respond to customer contracts to ensure that HCSC inoformation security can meet the operational requirements.Evaluates and recommends information technology and information security products, services and/or processes to reduce risk and maintain compliance with applicable policies, mandates, laws and regulations; implementing the activities associated with the information technology and information security awareness programs and provides education and training on information technology and informatino security security policies, standards and practices; performing control assessments and working with appropriate Subject Matter Experts (SMEs) to document remediation plans; serving as a project lead and mentor to junior GRC team members.

Required Job Qualifications:

•Bachelor Degree and 4 years of IT / IS work experience with a broad range of exposure to systems analysis, application development, database design and administration.
•Understand IT / IS concepts and how to artciulate those in terms of risk.Interprets internal or external business issues and concepts and and can translate those into IT concepts that must be addressed via policy.
•Understand key IT / IS laws and regulations, such as the Health Insurance Portability and Accountability Act, as well as governance and compliance frameworks (e.g. NIST, COBIT, ITIL, HITRUST).
•Experience with audit and compliance controls. This could include previous IT auditing experience and / or technical controls implementation, as well as the ability to respond apprpriately to audit and assessment findings.
•Initiate and invoke creativity to solve complex problems; takes an outside in
•perspective to identify innovative solutions
•Collaborate well with individuals across the business and IT, as well as at all levels of the organization.Verbal and written communication skills, including the ability to articulate complex concepts to various technical and non-technical audiences.
•Experience with and understanding of overall GRC concepts.
•Work independently, with guidance in only the most complex situations.
•May lead functional teams or projects.

Preferred Job Qualifications:

•Bachelor Degree in Computer Science, Information Systems, or other related field.

• Experience reviewing contracts for operational feasibility.

•Experience with a GRC solution.


HCSC is committed to diversity in the workplace and to providing equal opportunity and affirmative action to employees and applicants. We are an Equal Opportunity Employment / Affirmative Action employer dedicated to workforce diversity and a drug-free and smoke-free workplace. Drug screening and background investigation are required, as allowed by law. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.
Requirements: Expertise Information Technology Job Type Full-Time Regular Location IL - Chicago, TX - Richardson

Back to top