SOC2 Audit Security Analyst

SOC2 Audit Security Analyst

Location: Remote

Annual Compensation: $85,000 - $95,000

Why Choose GMR? Global Medical Response (GMR) and its family of solutions are dedicated to delivering compassionate, quality medical care, primarily in the areas of emergency and patient relocation services. Here you'll embark in meaningful work that will make an impact on you and the customers we service. View our employees' stories on how we provide care to the world at www.AtaMomentsNotice.com.

Learn how our values are at the core of our services and vital to how we approach care and check out our comprehensive benefit options at GlobalMedicalResponse.com/Careers.

The SOC2 Audit Security Analyst will be responsible for managing the planning, scheduling, evidence collection and evaluation, documentation, and delivery, of required audit materials to third-party vendor auditors. They will support with the auditors the production of the final SOC2 Type II reports, which include HIPAA controls. This individual's focus will be assisting in receiving favorable final SOC2 Type II reports within established timelines, while acting as a liaison between GMR Subject Matter Experts, Application/System Owners, and the external vendor auditor. This individual will have proven competencies and exposure within Information Technology and/or Auditing domains. This individual will work in a coordinated team environment and will need logical data and information analysis and evaluation skills and the ability to communicate requirements clearly to stakeholders.

Responsibilities:

• Act as an audit focal point, delivering a disciplined approach to preparing, requesting, tracking, and reviewing audit documentation to meet controls.
• Organize, review, and evaluate controls and evidence and provide guidance and feedback to stakeholders from all areas of the company to respond to the controls.
• Ability to understand, revise, and communicate control objectives and identify where there may be gaps in process, procedures, and/or policy to meet those controls. Assign and track appropriate remediation.
• Understand GMR operations and technical environments, with an emphasis on process, procedure, and policy.
• Ability to develop and promote strong long-term partnerships with GMR Subject Matter Experts, Application/System Owners, and external vendor auditors.
• Develop, maintain, and follow a schedule to ensure audit deliverables are obtained as required to meet audit deadlines.
• Engage with all areas within GMR, including technical and non-technical stakeholders to assign work deliverables, and provide rigorous consistent follow-up on the status of the deliverables required.
• Proactively identify and manage risks or issues that require escalation to keep deadlines on track.
• Ability to critically evaluate controls and output provided to ensure the spirit of and evidence requirements for the controls are met.
• Manage and adjust/reprioritize workload to meet audit deadlines.
• Prepare weekly team status reports for leadership.
• Supervise and mentor other SOC2 Type II Audit Associates and stakeholders to ensure audit objectives are met and to assist with GMR and audit knowledge transfer.

Qualifications:
Education & Industry Experience

• Bachelor's degree in Accounting Information Systems, Business Management Information Systems (MIS), Information Security and Assurance, Risk Management, or related major. Four years of Governance, Risk, Compliance or Audit experience can be substituted.
• CISA (Certified Information Systems Auditor)
• Knowledge of audit concepts, control environment review, evaluation techniques, and general business acumen.
• A broad-based understanding of audit management practices and experience supporting audits through to conclusion.
• Direct experience with SOC2, SOC1, ITGC, or other related audits preferred.
• Ability to manage comprehensive audit control sets, define, document, and effectively collect and organize large amounts of data to address evidence requirements, and clearly communicate the output to auditors.
• Requires detail oriented, analytical ability, consultative skills, critical thinking, and the ability to work effectively in a cross-functional, multi-disciplinary, team environment.
• Ability to understand, develop expertise, and adjust quickly to new technologies, industry, and organizational changes, and to modify associated audit requirements and documentation accordingly.
• Requires strong verbal and written communication skills to effectively communicate, educate, and influence individuals from all areas and levels of the organization.
• Excellent interpersonal skills with the ability to collaborate to build strong relationships cross functionally and with external vendor auditors.
• Consistent professional demeanor with the ability to convey feedback and question accuracy and completeness of the data provided.
• Takes initiative and possesses the confidence to identify attestation examination issues and propose a solution to add value, not just check the box.
• Adaptability to manage and coordinate multiple project assignments with critical deadlines in a complex fast-paced environment.
• Strong project coordination ability, with proven success in driving deliverables with varied organizations for on time, on budget and in scope delivery.

Global Medical Response and its family of companies are an Equal Opportunity Employer, which includes supporting veterans and providing reasonable accommodations for individuals with a disability.

Check out our careers site benefits page to learn more about our comprehensive benefit options, which include medical, vision, dental, 401k, disability, FSA, HSA, EAP, vacation and paid time off.