Compliance

• Evaluate and support compliance initiatives covering information security, policy, risk management, data classification, vendor management, privacy, audit, and awareness
• Assist with implementing information security policies and documentation, assessing compliance with existing policies, and ensuring overall compliance with security-related requirements from customers
• Perform security assessments and monitoring and tracking compliance status; develop and improve processes, procedures, standards, and guidance
• Provide guidance on security control implementation; implement process improvement and maturity initiatives
• Assist in evaluating risks and controls to support NIST CSF, ISO 27001, ISO 27018, ISO 42001, SOC 1, SOC 2, HITRUST, FedRAMP, and other regulatory and compliance initiatives
• Work with internal stakeholder teams to document the implementation of security compliance control implementations for technical, management, and operational requirements
• Conduct gap analysis of current policies, procedures, and practices as they relate to established guidelines outlined by NIST, FISMA, HIPAA, and other regulatory standards
• Conduct risk assessments of technology infrastructure and operational processes and controls for assigned areas
• Use AI-powered platforms for continuous controls monitoring, predictive risk assessments, and identifying compliance gaps while incorporating responsible AI use into practices
• Build and maintain the controls matrix in alignment with multiple compliance frameworks
• Develop and maintain security documentation such as System Security Plan, Privacy Impact Assessment, Configuration Management Plan, Contingency Plan, POA&M, annual FISMA assessment, and incident reports
• Assist in delivering and maintaining information security training and awareness programs
• Perform vendor management/security risk assessments and interface with vendors on occasion
• Track efforts related to threat and vulnerability assessment processes to monitor and remediate vulnerabilities in a timely manner

GRC Analyst

Senior Compliance Associate

Healthcare Compliance Consultant

Global Regulatory Policy – Grad Research Intern

Senior Advisor – Compliance & Regulatory Excellence, Care Delivery & Pharmacy

Senior Public Safety – Regulatory Specialist