ABOUT FULGENT:

Fulgent is a leader in genetic and genomic clinical testing, a publicly traded company located in Los Angeles, California. We are a technology-driven company with extensive academic/clinical experience and capabilities in Next Generation Sequencing and bioinformatics. This distinction has advanced us to the forefront of the rapidly advancing genetic and genomic testing industry.

Fulgent's unique chemistries and superior proprietary bioinformatics pipeline has propelled our explosive growth in recent years. We offer the most expansive set of clinical genetic tests in the world, including 22,000 single gene tests, 900 preset panels, rearrangement testing, clinical exome/trios, whole exome/trios, whole genome, and our All-in-One reflex test. We are a CLIA and CAP accredited laboratory. Fulgent has state-of-the-art clinical, sequencing and bioinformatics tools, including the latest Illumina sequencers such as the NovaSeq.

SUMMARY OF POSITION:

The IT SECURITY COMPLIANCE ANALYST (Junior) is responsible for helps ensure that the company remains in compliance with industry regulations and certifications. This position works with various business units in the company to help implement and maintain standards, policies, procedures, and other activities as required to meet corporate regulatory requirements.

This position will support compliance projects, track compliance activities, develop reports and track metrics. This position will interface with vendors and partners in support of external assessments and audits.

KEY JOB ELEMENTS:

• Support the development, implementation, and execution of the company’s IT SOX, SOC 2, HIPAA, PCI DSS, GDRP compliance programs. This may include identifying, validating key controls, developing operational procedures, and reporting results to management, internal and external audit.
• Coordinate execution of activities, including support for planning and coordinating walkthroughs, testing of IT general controls, application controls, and key system generated reports.
• Support the review of system implementations to assess cyber risks and potential impact on internal controls and compliance requirements.
• Provides input to align IT policies, standards, and procedures in response to compliance requirements.
• Support process owners and control owners to ensure controls are well defined and in compliance.
• Participates and provides input to audit engagements and coordinates all technology responses to internal and external audits.
• Researches and assesses deficiencies identified and works with Management to identify appropriate solutions. Follows-up on remediation activities to verify appropriate resolution.
• Work with IT and Security leadership and cross-functional teams to suggest strategies and plans to enforce security requirements and address identified risks.
• Monitor and report on open items from internal and external audits.
• Interact directly with internal and external auditors and assessors to provide artifacts and evidence of compliance requirements.
• Develop and expand continuous monitoring processes to assess compliance with security policies and standards.
• Track progress against risk mitigation plans to verify completion of activities as needed.
• Validate security and operations key controls to help identify root causes, trends, and potential weaknesses.
• As an IT Security Compliance Analyst, you will recommend new controls to meet compliance standards where applicable.
• Provide business units with recommendations to improve risk posture and compliance with policies and standards and external requirements.

Qualifications:

KNOWLEDGE / EXPERIENCE:

• BS in Computer Science or related technical degree required, or equivalent experience.
• Must have one or more of the following certifications required: ISC2 CISSP, GIAC GSEC, COMPTIA SECURITY , CISA, ISACA CRISC, ISACA CISA, ISACA CISM or comparable certification.
• Working understanding of the general computer control areas and IT governance frameworks (e.g., NIST, ISO 27k, NIST, ISO, COBIT, ITIL, HITRUST, PCI, GDPR, CPRA and HIPAA) and Sarbanes Oxley framework
• Experience in risk management or adjacent work experience
• Ability to effectively assess processes, Compliance documents, risks and controls and identify emerging risks and issues.
• Strong interpersonal skills and ability to cultivate relationships with internal and external stakeholders, promoting diversity of people, perspectives, and ideas.
• Ability to bridge communications on complex needs and requirements between technical and business-oriented audiences.
• General knowledge of IT systems, DevOps, IT security, AWS, and Azure environment.
• Knowledge of system administration, networking, and operating system hardening techniques

SUPERVISORY RESPONSIBILITIES:

• No

REPORTS TO:

• Chief Information Security Officer

Environment:

Fulgent Therapeutics LLC is an Equal Employment Opportunity Employer.

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. The term “qualified individual with a disability” means an individual with a disability who, with or without reasonable accommodation, can perform the essential functions of the position.

For California residents, please see the link below to access our CCPA Privacy Notice.

CCPA Privacy Notice for California Residents

https://tinyurl.com/FulgentCCPA