Solid programming skills in at least one high-level language (e.g., Python, Ruby)
Strong ability with database concepts and API implementation
Well-versed in secure software development lifecycle procedures and concepts
Well-versed in project management procedures and concepts
Have soft skills, such as multi-tasking, self-starter, prioritization, time management, decision making, teamwork, presentation, communication and strong interpersonal skills
Advanced Knowledge of Microsoft suite of applications (Word, Excel, Visio, Project, etc.)
KNOWLEDGE AND SKILLS PREFERRED:
Navex Global’s IRM, Lockpath, software platform deployment and administration experience
Experience building and customizing Lockpath GRC workflows
Working knowledge of information security risk management and risk assessment methodologies.
Expert knowledge of one or more of the following: HITRUST, HIPAA Security and Privacy Rule, Red Flags Rule, Healthcare IT Standards (HITSP), HITECH, Meaningful Use (MU), COBIT, and PCI.
Strong background in business application, IT, and information security development
Expert knowledge of C#, SQL, and XML
Middleware experience with Demisto
A diverse set of technical skills, such as IT infrastructure, operating systems, data centers, access controls, cloud security, applications security, malware protection, security monitoring, physical security controls, etc.
Working knowledge of enterprise security systems (e.g., Firewalls, VPN, IDPS, SEIM), security threats and related risks, malware protection, virtual networks, asset management, pen-testing, vulnerability management, access management, configuration management, encryption techniques, cloud security, and 3rd party security
EDUCATION AND EXPERIENCE REQUIRED:
Bachelor’s degree in Computer Science or Information Systems or equivalent work experience.
3-5 years of experience developing complex business and/or risk-based workflows in a professional services firm and/or large enterprise
3 or more years of experience in information security
EDUCATION AND EXPERIENCE PREFERRED:
Master’s in computer science, information systems/technology, cybersecurity, or business administration from an accredited university
Experience in the healthcare industry doing information security
2 or more years’ experience developing with a variety of API integrations
LICENSURE, CERTIFICATION OR REGISTRATION PREFERRED:
LockPath GRC Admin from Navex Global
Governance, Risk and Compliance (GRC) Security Specialist - Intermediate is responsible for the development and administration of Information Technology Governance, Risk, and Compliance (GRC) solutions and content. This position will develop, integrate and administer complex enterprise GRC workflows, data, system integration and related tools. Other key activities include working with Information Security, Information Technology and business stakeholders to understand and support their use of the IT GRC platform and to ensure Information Security controls are managed though out a full lifecycle that includes policies, procedures, implementation, metrics, and assurance requirements.
The GRC Security Specialist - Intermediate should also have the knowledge of industry best practices for Information Security GRC, industry recognized information security frameworks, proficiency in multiple development languages, database expertise, a robust knowledge of the security of information systems and techniques required to protect the confidentiality, integrity, and availability of sensitive information. Strong interpersonal and communication skills, critical thinking, analytical and problem-solving skills are required to avoid checkbox mentality and tackle unexpected challenges by coming up with intelligent ways of providing functionality and security. This role is focused on the GRC system and using a REST API service to integrate with other enterprise technology tools. The individual must have an excellent understanding of information security program needs, risks, along with project management experience. The individual should be able to work well under pressure, independently, and be able to perform effectively in a team setting to achieve organizational goals.
AdventHealth Greater Orlando (formerly Florida Hospital) is one of the largest faith-based health care providers in the United States. For 150 years, we have carried on a tradition of providing whole-person care that not only addresses patients' physical ailments, but also supports their emotional and spiritual well-being. We demonstrate the same level of compassion and care for our employees as well, doing all that we can to help them realize their full potential – both personally and professionally.