Skip to content

Principal Cyber Risk Analyst

General information

Location:

Lowell - Massachusetts - USA, USA - USA - Remote, Weston - Florida - USA

Function:

Governance, Risk & Compliance

Ref #:

20210020505

Description & Requirements

Description

This position works as part of the Governance, Risk, and Compliance (GRC) department, which is responsible for the management of cyber risk across the enterprise.  The role offers the opportunity to be engaged in all facets of cyber risk including security, privacy, and risk management, and security and compliance program development.  As a member of the department, the individual will be committed to overall data protection risk management and its role in the company's continued success.  The Principal Cyber Risk Analyst is a highly visible role that interfaces with key stakeholders in the organization and may also support UKG customers and Partners. The position demands an organized, action-oriented team player with the ability to prioritize daily work and support multiple initiatives simultaneously; strong communication and customer focus are required. The ideal candidate has prior experience or is familiar with SaaS (Software-as-a-Service) architecture, security, operations.

RESPONSIBILITIES
• Advise and support stakeholders responsible for customer hosted environment to ensure control activities are designed and implemented appropriately to protect the security, confidentiality, privacy, integrity, and availability of data in compliance with organization policies and standards
• Conduct risk assessments in hosted environment and collect evidence in support of audits
• Coordinate with external auditors conducting annual compliance audits by reviewing all evidence to confirm it satisfies the items included in the document request list
• Utilize industry experience and knowledge to provide expertise and support to ensure product’s security framework remains in compliance with applicable regulations such as the HIPAA Security and Privacy Rules, SOC2, and ISO27001/17/18.
• Generate relevant documentation to support/streamline the audit process (e.g. how-to documents, narratives, etc)
• Assess the internal design of relevant integrations and identify risks to the environment and/or organization
• Guide resources responsible for monitoring control activities and collaborate to identify mechanisms to report results/trends to key stakeholders
• Provide expertise in support of new product development activities to ensure products comply with information security and privacy standards
• Support the development, implementation, and updating of security policies and procedures
• Perform additional duties and projects as assigned by management

Qualifications

• BS/BA degree in Computer Science or IT audit related discipline or equivalent experience and a minimum of 7-9 years work experience in information security governance and/or related functions (such as IT audit or IT Risk Management)
• Working experience with the HIPAA compliance framework
• Demonstrated experience with information security frameworks including SOC 2 and/or ISO27001/17/18
• Experience working in information security, risk management or IT audit
• Strong business acumen to include strong verbal and written communication skills
• CISA, CISM, CRISC, CISSP, or similar security certification preferred
#LI-POST
#LI-REMOTE

Corporate overview

Here at UKG, Our Purpose Is People. UKG combines the strength and innovation of Ultimate Software and Kronos, uniting two award-winning, employee-centered cultures. Our employees are an extraordinary group of talented, energetic, and innovative people who care about more than just work. We strive to create a culture of belonging and an employee experience that empowers our people. UKG has more than 13,000 employees around the globe and is known for its inclusive workplace culture. Ready to be inspired? Learn more at www.ukg.com/careers

EEO Statement

Equal Opportunity Employer

Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive considerations for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws. 


View The EEO is the Law poster and its supplement. 

View the Pay Transparency Nondiscrimination Provision

UKG participates in E-Verify. View the E-Verify posters here.


Disability Accommodation

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email UKGCareers@ukg.com or please call 1 (978) 250 9800.

Apply