Providence Global Center Looking for Lead Information Security Analyst – IT Governance at Hyderabad, Telangana Full Time

Providence, one of the US’s largest not-for-profit healthcare systems, is committed to high quality, compassionate healthcare for all. Driven by the belief that health is a human right and the vision, ‘Health for a better world’, Providence and its 120,000 caregivers strive to provide everyone access to affordable quality care and services.

Providence has a network of 52 hospitals, 1,000+ care clinics, senior services, supportive housing, and other health and educational services in the US.

Providence India was established to bring to fruition the transformational shift of the healthcare ecosystem to Health 2.0. The India center will have focused efforts around healthcare technology and innovation, and play a vital role in driving digital transformation for Improved patient outcomes and experiences, caregiver efficiency, and running the business of Providence at scale.

Why Us?

Best In-class Benefits

Inclusive Leadership

Reimagining Healthcare

Competitive Pay

Supportive Reporting Relation

Enterprise Information Security (EIS) is committed to appropriately protecting all information relating to its caregivers and affiliates, as well as protecting its confidential business information (including information relating to its caregivers, affiliates, and patients).

What will you be responsible for?

Develop, maintain, monitor and enforce IT policies and procedures

Development, implementation and compliance of information risk management across the enterprise

Act as the principal contact for the GRC India Governance team in coordination, implementation, and/or enforcement of Cyber Security Governance.

Lead the Governance team and provided guidance in managing security governance program and initiatives.

Support establishing information security governance framework

Manage risks related to the use of information technology, information security, privacy, regulatory compliance and governance.

Drive risk management and governance strategies for emerging technology areas

Provide and support the implementation of IT GRC initiatives globally

Implement higher-level security requirements and integrate security programs across disciplines.

Maintain updated knowledge in the field of Risk management and Compliance to efficiently work on frameworks including NIST CSF, CIS Controls, GDPR, SOX 404, ITIL, etc.

Remain current with industry best practices and monitor the legal and regulatory environment for developments.

What would your work week look like?

Serve as a subject matter expert to ensure and monitor compliance with Industry and Government rules and regulations at Enterprise/Region/Site level. Conduct gap analysis and implement Standards Frameworks like ISO 27001, Privacy, GDPR, NIST, SOX

Lead and support the governance team members with managing programs and initiatives.

Develop and revise Policies, Standards, Processes and guidelines for the enterprise through change management

Conduct Vendor Risk Assessments to assess security posture of vendors against organizational security requirements. Assess design effectiveness and continually monitor operating effectiveness of controls. Track and monitor Risk Treatment plans

Overall Governance and Report Risk performance against established enterprise risk metrics

Testing of SOX- ITGC controls, monitoring and reporting. Conduct technical research to aid in threat assessment or risk mitigation activities

Advise business-led technology projects on IT risk awareness and standards compliance

Who are we looking for?

4-year University (Bachelor’s) degree in Computer Science, Information Security, Cyber Security or related field.

Minimum 7 years of experience in an Information Security/GRC role.

Minimum 3 years of experience in IT Governance Role.

Preferred 2 years of experience in Healthcare, Pharma or Bio-Technology organization.

Strong project management skills to simultaneously work on multiple projects concurrently

Enthusiastic, results oriented, having a strategic outlook for Security

Experience with managing a GRC tool application support life cycle

Strong written and oral communication skills with the ability to explain technical ideas to non-technical individuals at any level.

Ability to drive, prioritize, and monitor security programs as per agreed timelines

Ability to react to high pressure dynamic changing environments

Ability to communicate IT risk concepts to non-technical people

Strong problem solving and analytical skills

Adaptable to shifting priorities, demands, and timelines through analytical and problem-solving capabilities. Able to react to project adjustments and alterations promptly and efficiently.

Ability to work both independently and as part of a team to deliver quality work product in a timely manner.

At Providence, we not only acknowledge differences but also honor it. We appreciate differences related to the following factors but not limited to background, education, gender, age, generation, religious background, ability, technical skills in all our employment related opportunities.

Health is a human right