Description

As the #1 advisor for developing and empowering people to deliver the highest quality care, HealthStream’s brands include best-in-class apps, software, and specialized solutions. Over the last 30 years, our Company has remained committed to solving big problems and growing into new product lines. We are constantly innovating and finding new ways to positively impact healthcare organizations. 

What does our values-based culture offer you? 

• A collaborative work environment 

• A mission-oriented mindset 

• Work-from-home flexibility 

• A chance to grow your career 

All our HealthStreamers share a common vision: to improve the quality of healthcare by developing the people who deliver care. For over 30 years, we have remained committed to providing effective solutions through innovation and constant growth. Today, we offer a unified suite of products to streamline scheduling, credentialing, training and learning management, workforce development, and other key areas in the healthcare industry. We provide recurring value and, as a HealthStreamer, you will be at the forefront of healthcare technology innovation! 

We offer work-from-home flexibility as part of our hybrid workplace policy. Our three Resource Centers (located in Nashville, TN; Boulder, CO; and San Diego, CA) are available for scheduled in-person events or assigned workspaces for those who want to work in the office. Remote team members also have access to flexible space scheduling for occasional use.

We encourage collaboration and commit to growth for our entire team. Our thriving culture allows our team members to continuously solve big problems, and we value these contributions. If you want to work for a company committed to its values and vision, HealthStream is the place for you! 

We make sure patients receive competent care from qualified people. As a HealthStream team member, you would help this vision come to life. We pride ourselves on being a community where you can both build your career and take time away to fulfill your life goals and commitments. 

Your Role As a HealthStreamer 

Position Summary

The GRC Analyst will plan and audit policies, procedures, standards, and controls that govern the protection of corporate information systems, networks, and data. The GRC security analysts will stay up-to-date on the latest cybersecurity intelligence, including hackers' methodologies, in order to identify standards and controls that should be considered across the organization. Additionally, the GRC Analyst will be responsible for adhering to all HealthStream security policies, procedures, and assigned training. 

Essential Duties and Responsibilities

You will be responsible for adhering to all HeathStream security policies, procedures, and assigned training.

• Performing control assessments against corporate cybersecurity framework

• Perform review of policies and supporting procedures/processes

• Perform assessments of adherence to standards

• Work closely with management on security practices

• Assess 3rd party vendors for adherence to standards

• Develop routine reports in accordance with GRC metrics

• Stay on top of changes in the industry as it relates to security.

• Other duties as assigned. 

Qualifications

What You Will Need to be Successful

Education, Experience and Knowledge Required

• Bachelor's Degree, ideally in Computer Engineering, Computer Science, or Information Systems Management or equivalent work experience in the field of Cybersecurity

• Possess current security certifications (e. g., Security , CISSP, CEH, SANS) or be willing to obtain within 1 year of assignment

• Understanding and familiarity with information system standards

• Understanding and familiarity with cybersecurity frameworks (e.g., ISO, NIST, HITRUST, COBIT)

• Assist in performing IS self-assessments to ensure systems and applications are complying with corporate policies, applicable regulatory and legal requirements, and leading industry practices.

• Works with the CISO to determine the acceptable level of risk for enterprise computing platforms.

• Assist in performing Third Party Risk Assessments for new and existing vendor tools, on premise implementations, and third parties with access to the environment.

• Assist in maturing the Third-Party Risk Management program by defining security controls based on tiers of vendors.

Skills and Abilities Required

• Drive innovation by analyzing and interpreting data to test and inform a new initiative or approach.

• Accountable for successful completion of multiple, individual projects simultaneously.

• Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.

• Manage change and demonstrate adaptability by embracing change and adjusting priorities or processes and approach as needs dictate.

• Take responsibility for successes and failures related to individual and team-based project work assignments; actively presents suggestions for solution(s), if objectives not met.

Benefits 

HealthStream offers a comprehensive benefits package to eligible employees, including: 

• Medical, Dental and Vision insurance 

• Paid Time Off 

• Parental Leave 

• 401k and Roth 

• Flexible Spending Account 

• Health Savings Account 

• Life Insurance 

• Short- and Long-Term Disability 

• Medical Bridge Insurance 

• Critical Illness Insurance 

• Accident Insurance 

• Identity Protection 

• Legal Protection 

• Pet Insurance 

• Employee Assistance Program 

• Fitness Reimbursement 

If you have a passion for improving healthcare outcomes and empowering healthcare workers, come join the HealthStream team! We hope you join us and be a HealthStreamer!