The Aspen Group (TAG)

retail healthcare

Sr GRC Analyst

$105–125k · Chicago, Illinois, United States · Full time

The Brief

“Sr GRC Analyst at The Aspen Group (TAG). Skills: governance, risk management, compliance, security, GRC. Supporting the security direction of the business. Elevating the company’s security posture.”

What You'll Achieve.

elevating the company’s security posture; safeguard against undue risk presented by external entities; reduce risk to enterprise systems and accounts; maintain and implement controls for compliance and privacy laws

Industry & Context.

retail healthcare

Problems you'll solve

Demonstrated problem-solving capabilities

What They're Looking For.

Must Have

  • At least five years of experience in security, compliance, or risk management
  • Understanding of legacy systems, as well as new technologies and requirements
  • Experience and understanding of various regulatory requirements and laws, including but not limited to PCI, SOX, HIPAA, CCPA and GLBA
  • Business acumen and security technology skills for well-rounded proficiency
  • Proven ability to align with security practices and compliance responsibilities
  • Capacity to understand legacy and progressive technology and security controls along with respective risk
  • Working knowledge of technologies such as artificial intelligence, cloud computing, DevOps and application security is required
  • Up-to-date understanding of a wide-range of incident response, system configuration, vulnerability management and hardening guidelines
  • Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively
  • Demonstrated problem-solving capabilities, ability to manage complex local and international security requirements
  • Self-motivated, directed and well-organized, vision to position controls in anticipation of threats
  • Successful track record of managing external entities’ contracts and relationships, and mitigating risks to business development opportunities
  • Familiarity with state, federal and international privacy laws
  • Highly leads by example

Nice to Have

  • CISA, CRISC, CISM, CISSP, ISO 27701 Lead Implementer
  • At least 5 years exposure to various security frameworks
  • Additional experience in one or more of the following: ISO 27001/2, ITIL or NIST
  • Prior experience with leading GRC systems

What You'll Do.

supporting the security direction of the business

elevating the company’s security posture

support the security strategy of the business within new and existing information system capabilities

planning and design of policies and maintenance

oversees the business’ security requirements and obligations mandated by standards and regulations

assesses and validates the assurance of the security program

monitors progress and enforces resolution of outstanding issues

Conduct enterprise-wide, ongoing risk analysis in tandem with compliance and security

Maintain oversight in GRC-related platforms

Identify strengths and weaknesses in the security program as they relate to privacy, business resiliency and compliance frameworks

formulate and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation

Maintain oversight of third parties, vendors and business partners to safeguard against undue risk presented by external entities

recommend and report program gaps to security leadership

Monitor current and proposed security changes impacting regulatory, privacy and security industry best practice guidance

Apply GRC expertise across key lines of business, practices and procedures

Ensure security and technology teams maintain up-to-date configuration documentation for systems and processes

Maintain rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accounts

Act as a key participant in incident response to track occurrence and resolution, with strict documentation and reporting

Work in tandem with security, audit and risk management leadership to perform ongoing security program assessments and create annual strategic technology and budgetary directives

Attend and fully engage in change and project management meetings

Liaise with auditors, both internal and external, to maintain and implement controls for compliance and privacy laws

Act as a point of contact for disaster recovery and business continuity as it relates to security frameworks, compliance and privacy laws

Mentoring and coaching of junior GRC analysts

Perform other duties as assigned

How You'll Work.

Team & Collaboration

Work in tandem with security, audit and risk management leadership; Attend and fully engage in change and project management meetings; Liaise with auditors, both internal and external

Communication Scope

Exceptional written and verbal communication skills; proven ability to translate security and risk to all levels of the business

Full Job Description

The Aspen Group (TAG) is one of the largest and most trusted retail healthcare business support organizations in the U.S. and has supported over 20,000 healthcare professionals and team members at more than 1,300 health and wellness offices across 48 states in four distinct categories: dental care, urgent care, medical aesthetics, and animal health. Working in partnership with independent practice owners and clinicians, the team is united by a single purpose: to prove that healthcare can be better and smarter for everyone.

TAG provides a comprehensive suite of centralized business support services that power the impact of five consumer-facing businesses: Aspen Dental, ClearChoice Dental Implant Centers, WellNow Urgent Care, Chapter Aesthetic Studio, and Lovet. Each brand has access to a deep community of experts, tools and resources to grow their practices, and an unwavering commitment to delivering high-quality consumer healthcare experiences at scale.

Business needs and our continued growth have created an opportunity to join our team as a Senior GRC Security Analyst.

**Job Overview:** The senior governance, risk and compliance (GRC) security analyst is a highly respected, influential and in-demand role within the business. The position is responsible for supporting the security direction of the business and elevating the company’s security posture. The senior GRC security analyst is expected to support the security strategy of the business within new and existing information system capabilities. Consequently, the position requires an understanding of both legacy systems and new technologies and requirements. The senior GRC security analyst is also responsible for the planning and design of policies and maintenance. The ideal candidate is technical and possesses at least five years of experience in security, compliance, or risk management. The role oversees the business’ security requirements and obligations mandated by standards and regulations such as the
