Essential Duties and Responsibilities:
Participate in the development and maintenance of the organization's risk register.
Assist in conducting basic risk assessments to identify potential threats and vulnerabilities.
Contribute to third-party risk management by supporting vendor assessments and evaluations.
Help in tracking and documenting remediation efforts for identified risks.
Participate in security auditing processes under the guidance of senior staff.
Assist in analyzing the risk associated with new applications and provide input for approvals.
Support the maintenance of compliance documentation and reports.
Contribute to security awareness initiatives within the organization.
Assist in ensuring compliance with relevant regulations and standards.
Support senior GRC team members in various GRC projects and tasks.
Other Functions:
Effectively communicate with team members to understand and support GRC initiatives.
Demonstrate basic knowledge of security procedures and document activities accurately.
Participate in team meetings, contributing insights on GRC matters.
Develop foundational skills in interpreting and adhering to security policies.
Exhibit a proactive approach to learning and understanding GRC best practices.
- Demonstrate strong analytical and problem-solving skills.
- Support the development, implementation, and maintenance of a comprehensive business continuity and disaster recovery plan to ensure uninterrupted delivery of critical healthcare services during emergencies.
- Help with Business Impact Assessments (BIAs) to aid in prioritizing recovery strategies for our systems.
- Assist the clinical and administrative teams to design and test BCP and DR procedures that comply with HIPPA regulations and related healthcare industry standards through disaster recovery drills and table top exercises.
- Support training and awareness programs for staff on business continuity protocols and their roles in maintaining operational awareness.
- Show exceptional attention to detail.