Welcome to the new standard of healthcare! Premise Health is the world’s leading healthcare access provider. We deliver purpose-driven career experiences in a culture-centric work environment—ensuring that employees at the nation's best companies get, stay, and be well. In a changing healthcare environment, we know there's a better way for organizations to help their people live healthier lives by delivering the right care at the right time, right where they work. Partnered with visionary organizations around the globe, we offer a broad range of healthcare services and deliver an effortless patient experience that raises the bar, lowers costs, and redefines the meaning of quality care. By shifting the conversation from cost to return and from treatment to prevention, we are committed to help people, their families, and the organizations they work for be at their best. We are looking for an IT Security GRC analyst to work at our Corporate office in Brentwood, TN ! However, this role can be remote! If you possess a “whatever it takes attitude” keep reading. It’s hard to pinpoint a “typical” day here (and who wants typical anyway?), but as the IT Security GRC Analyst, you will be to provide operational support and maintenance for ongoing operations of the internal IT Security governance programs and supporting technology solutions. This role exists within the organization’s Information Security Department, but will require interaction with many departments across the organization including but not limited to IT Security Operations; IT GRC; IT and Applications Delivery; Operations and Implementations; Compliance, Privacy, Legal, and HR; the Premise Health Growth Office, and all Lines of Service. This position requires detailed support of multiple programs related to IT Security governance and security-related projects and requires ensuring our governance programs are implemented and maintained per policy and fully operational. A qualified candidate will demonstrate expert ability to implement, scale, and optimize technology solutions that support these governance programs. This position entails third party engagements with an external consultant partners. The position is a work from home position preferably located proximately to Franklin, TN for occasional in-office requirements. This can be a fully remote position. What You’ll Do for Us: Operational support and maintenance of governance programs per Premise Health IT Governance Policy. Programs include but are not limited to: Policies and Procedures Security education, training, and awareness Standards development Continuous improvement Serve as SME on company projects as directed by the Manager, GRC (GOV). Providing timely communication and guidance on compliance requirements to responsible internal control owners. Maintain input or data quality of governance systems. Provide support to the Manager, GRC (GOV) to: Evaluate, implement and maintain Premise Health’s IT GRC tools and provide guidance for additional toolsets or features. Analyze governance programs and determine areas of enhancement and automation. Implement and maintain strategy and solutions for IT Security education, training, and awareness programs. Develop reporting metrics and system capabilities to measure adherence and improvement in governance programs. Support company HITRUST and other compliance framework efforts. Education: Bachelor’s degree from an accredited university or equivalent work experience CISA or CISSP is preferred. Experience: 3 years of direct experiencing in IT security and GRC. Working knowledge of industry governance frameworks. Direct experience in evaluating and successful implementation of large software packages to support GRC program requirements. Knowledge and Skills: Thorough knowledge in Information Security principles, policies, procedures and practices, web application security, proven knowledge of information controls and audit methodology for business systems and data processing environments Thorough knowledge in software implementation and project management Comprehensive understanding of IT risk controls and compliance frameworks such as SOC2, ISO 27001, NIST 800 series, ITIL Strong working knowledge and application of Microsoft Office Suite (Word, Excel, PowerPoint, SharePoint) Working knowledge of current and emerging industry best practices and quality frameworks such as ISO, Lean Six Sigma, CMMi and ITIL Experience in regulated or controlled industries, ex. large IT, healthcare, financial services, federal sectors, etc. Maintains a broad knowledge of emergent trends in information technology, tools, methodologies and best practices Exceptional written, presentation and oral communication skills Ability to work with teams and management on complex projects Ability to work in a team-oriented, collaborative environment Ability to learn and research new concepts, ideas, and technologies quickly Ability taking a concept from idea to completion What We’ll Do for You: At Premise Health, you’re not an employee – you’re a team member. We have health centers, pharmacies, fitness centers and offices scattered across the country, but we’re all working together to deliver exemplary and delightful service to our clients, their employees and family members. We’re proud of the culture we’ve built, and we aim to assist our team members in living their best life – in and out of the workplace. That’s why you’ll find us taking a yoga class together or starting a book club. We know that we can only help people get, stay, and be well if we do the same for ourselves. We’re also not afraid to share what we’re up to – check out some of our smiling faces. As an employer, we want to compensate you for the work you do with more than a paycheck (although you’ll get one of those too). Premise Health offers competitive benefits packages including medical, dental, vision, life insurance, 401(k), paid holidays and vacation time, and a company-sponsored wellness program. We are an equal opportunity employer of nice people and value inclusion at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.