Are you an experienced IT Utility player who can work across different business and functional units supporting governance and risk? Are you a strong communicator who can lead audit responses to both internal and external stakeholders - ensuring security, risk and regulation policies are documented and explainable? Our Corporate IT team is hiring an IT Operations Analyst to support our global GRC efforts.
**THIS IS A FULLY REMOTE OPPORTUNITY, but job seekers must currently reside in Costa Rica (ideally matching work hours to US Eastern time zone).**
**About You**:
- You have a broad understanding of networking, cyber security, regulations and frameworks (HIPAA, GDPR, NIST, etc.) and Disaster Recovery.
- You have strong English language communications skills to meet with internal stakeholders and third-party auditors.
- You have a basic understanding of budgeting and tracking systems allocations and usage across the business.
**About The Role**:
The IT Operations Analyst position is responsible for supporting Precision Medicine Group's IT governance, risk and compliance (GRC) program. Responsibilities include the support of customer audits, Quality Management System maintenance, policy and procedure development, Business Continuity Plan simulations and the development and maintenance of IT compliance reports. The IT Operations Analyst will interface with various departments across PMG in support of the enterprise-wide quality management initiatives. The position will report to the SVP, IT Governance Risk and Compliance.
**Essential functions of the job include but are not limited to**:
- Manage Vendor/System Qualification databases.
- Participate in the initiation and review of vendor risk assessments.
- Act as the GRC liaison to IT and PMG businesses.
- Work with BRMs on compliance needs, CAPAs, Observations and Regulatory issues.
- Develop/maintain BCP Playbooks.
- Participate in compliance audit activities with external auditors and internal control owners, to ensure timely and successful completion of audit requirements.
- Participate in the development and maintenance of IT procedures, guidelines, and training materials.
- Participate in conducting periodic reviews and audits of internal IT policies, controls, and processes.
- Define, track and report on relevant metrics (e.g., performance, value, uptake) for IT Governance, Risk and Compliance (GRC) policies and processes.
- Other tasks as assigned.
**Required Experience**:
**Education**:
- Bachelor (4-year) degree in Information Systems, computer science, a related field or an equivalent combination of education & experience.
- Relevant certifications such as Certified in Risk and Information Systems Control (CRISC), Certified Information System Security Professional (CISSP), Certified Information System Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT) are preferred.
**Work Experience**:
- Minimum of 5 years of experience in an Information Technology, Quality Assurance or IT Compliance setting.
- Experience participating in IT audits.
- Experience in the development and management of IT Standard Operating Procedures in a regulated environment.
- Strong understanding of general IT and cyber security best practices.
- Strong documentation skills and the advanced use of Microsoft Word, Excel, and PowerPoint.
- Familiarity with and experience working with the following guidelines/regulations: HIPAA, 21 CFR Part 11, GDPR.
- Ability to work independently and as part of a team.
Precision Medicine Group is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, age, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or other characteristics protected by law. © 2020 Precision Medicine Group, LLC