Job Information
Beacon Hill Staffing Group, LLC Compliance Analyst in Columbus, Ohio
Title: Compliance Analyst
Basic Company Info: Large Health Care and Health Plan Organization
Location Details: Remote
Start: ASAP
Duration: 6 month contract to hire
Converting Salary: 80-105K

Must Have:
Bachelor's Degree, or 5-7 years of experience in lieu of degree.
3-5 yrs exp writing and negotiating cyber and vendor contracts.
2+ yrs security assessment experience.
Knowledge of control frameworks.
Technical business expertise and clauses and contracts.

Plus:
Certifications: CRISC, Professional 3rd party risk management.

Cyber Security - GRC Senior Compliance Analyst

The Senior Cybersecurity Contract Compliance Analyst will be a member of the Cyber Security GRC Team reporting to the Third-Party Risk Manager and is responsible for defining standard cybersecurity contractual terms, negotiating those terms and working with the business to identify their contracting risks. This role will also assist with customer security reviews and responding to audits. This role will work closely with the product leadership, legal, privacy and cybersecurity teams to support contracting needs for company clients and third-party suppliers.

Job Responsibilities:
Educate and counsel business partners on security terms, and work proactively with them to identify, mitigate and address cybersecurity contracting risks.
Work with commercial teams to ensure client contracts and agreements with third party vendors include appropriate cybersecurity terms.
Draft, review, and negotiate cybersecurity language for company's client, supplier, and third-party agreements.
Work collaboratively within the company cybersecurity organization to ensure that templates and negotiation positions are updated and reflect the internal security posture and external requirements.
Manage intake of client and vendor contract engagements.
Negotiate directly with clients, suppliers, and third parties.
Communicate with external clients to foster an understanding and confidence in the company's cyber security program.
Support cybersecurity functions including risk management, security audits and customer security reviews.
Develop and mature GRC program, dashboards and reports to inform risk prioritization, risk remediation, and management decision making.
Analyze existing and new legislative and regulatory developments to ensure that the company understands and stays in sync with evolving requirements.

Qualifications:
3+ years' experience writing and negotiating cybersecurity contract requirements.
2+ years of experience conducting security assessments preferred.
Basic understanding of all components of cyber security; knowledge of common security frameworks, such as: HIPAA, HITRUST, ISO 27001/27002, NIST CSF.
Technical and functional knowledge of various information security solutions, technologies, and industry-leading practices, allowing this role to provide recommendations, support key decisions, and contribute to industry forums.
Technical and business expertise to drive information security requirements/clauses in contracts, together with people skills to negotiate requirements with third-party representatives.
Ability to prioritize and organize simultaneous tasks to ensure all requests are completed in a timely and accurate manner.
Ability to think strategically about risk vs. business value.
Strong oral and written communication skills and negotiation skills.
Ability to handle sensitive/confidential information requiring a high level of discretion, respect, and i

Apply here: https://www.aplitrak.com/?adid=YmJnZW5lcmljLjQyMjM2LjEwNTA4QGJlYWNvbmhpbGxjb21wLmFwbGl0cmFrLmNvbQ