Title: Sr. Governance, Risk, and Compliance Analyst
Location: Tampa FL (Remote)
Duration: Direct Hire
Compensation: $130,000K – $135,000K Annually
Work Requirements: US Citizen, GC Holders or Authorized to Work in the U.S.
 
Skillset / Experience:
Purpose of the Position:
The Sr. Governance, Risk, and Compliance (GRC) Analyst will perform IT security functions and maintain systems, while providing technical guidance to the team. This individual will be responsible for leading the day-to-day cyber compliance, data governance, and cyber risk management functions, including the responsibility for assessing and documenting the company's compliance and risk posture as they relate to its information assets.
The Sr. Governance, Risk, and Compliance (GRC) Analyst reports to the Director, CISO.
UMA is a nonprofit healthcare educational institution with a national presence. Headquartered in Tampa, Florida and founded in 1994, UMA offers content-rich, interactive online programs as well as hands-on training at our Clearwater, Florida campus.
Anticipated starting salary of $135,000; pay rate negotiable based on experience and qualifications.
Medical (including prescription), Dental, Vision (UMA subsidized)
FSA/HSA (Depending on Medical Plan chosen)
$50,000 Life Insurance (UMA paid)
Additional Voluntary Life Insurance (Team Member paid)
Employee Assistance Program – EAP (UMA paid)
Long Term Disability (UMA paid)
Short Term Disability (Team Member paid)
Supplemental Insurance such as Critical Illness, Accident, and Hospital (Team Member Paid)
Paid Time Off – 15 days accrued in year 1, 9 holidays, and 1 day of Volunteering Time Off
401k (eligible upon completion of 90 days of employment and must be at least 21 years of age)
Pet Insurance
Identity Theft Protection
Key Responsibilities:
Functional
Develop and maintain the company's governance, risk, and compliance program.
Assess and document the company's compliance and risk posture as they relate to its information assets.
Develop policies, procedures, standards, guidelines, and controls to ensure compliance with applicable laws, regulations, and industry best practices.
Work with internal stakeholders to ensure that policies, procedures, standards, guidelines, and controls are implemented effectively.
Work with external auditors to ensure that the company is compliant with applicable laws, regulations, and industry best practices.
Lead pen testing and remediation activities.
Vendor risk management.
Provide guidance on audit responses.
Assess computer hardware, software, and systems for security risks or violations.
Support Institutional Initiatives:
Keeps current with institutional goals, objectives, and progress.
Engages in institutional sponsored activities and initiatives as appropriate.
Leads with courage in support of change initiatives that impact organization.
Assists in coordinating efforts between departments within UMA.
Compliance:
Demonstrates knowledge of, and carefully follows all applicable federal and state compliance requirements and regulations including those prescribed by the Department of Education, accrediting agencies, CIE, and internal UMA policies and procedures.
Effectively communicates compliance requirements to students and other staff as appropriate and quickly escalates any compliance concerns to the Compliance department.
Work Experience, Skills & Abilities:
Minimum Requirements:
Bachelor's degree in computer science or related field.
7 years of experience in Information Security.
Experience with application pen testing, tracking, and reporting.
Experience developing governance, risk, and compliance programs.
Ability to influence and assist business owners in developing process, policies, controls and metrics that ensure compliance with relevant laws, regulations, policies, and standards.
Strong knowledge of information security principles, best practices, and frameworks (such as ISO 27001, NIST Cybersecurity Framework, etc.).
Excellent problem-solving skills.
Experience developing and maintaining a Secure SDLC program and Secure code practices.
Experience with Security Awareness Training programs that include Phishing simulations.
Experience with vulnerability management and remediation tracking.
Able to professionally communicate in verbal and written English.
Proficient in MS Office (Word, Excel, PowerPoint) and other business tools such as Skype and Microsoft Teams.
Able to support a diverse and inclusive work environment.
Preferred Requirements:
Industry certifications preferred: CISSP, CISA, CISM.
Working Environment:
Office Environment/Call Center/Home Office.
Up to 10% of travel required.
Flexibility to work evenings and weekends as needed.
Physical Demands:
Requires long periods of sitting at a desk working on a computer.
Requires ability to travel.
Requires occasional bending, stooping and squatting.
Requires occasional lifting of up to 10 lbs.
 
About INSPYR Solutions
Technology is our focus and quality is our commitment. As a national expert in delivering flexible technology and talent solutions, we strategically align industry and technical expertise with our clients’ business objectives and cultural needs. Our solutions are tailored to each client and include a wide variety of professional services, project, and talent solutions. By always striving for excellence and focusing on the human aspect of our business, we work seamlessly with our talent and clients to match the right solutions to the right opportunities. Learn more about us at inspyrsolutions.com.
 
INSPYR Solutions provides Equal Employment Opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, INSPYR Solutions complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities

About the Company:
INSPYR Solutions

Industry:
Education