Responsibilities

Controls & Compliance

• Work with business and technology delivery teams to maintain an effective suite of applicable compliance
  controls, adapting to changes in products, business processes, and technology solutions when necessary.
• Assist with continually improving information security policies, procedures, standards and guidelines, and
  monitor their approval, dissemination, and maintenance.
• Perform risk assessments and pre-implementation reviews to determine security, operational, and
  compliance risks and opportunities, and formulate clear recommendations for management’s
  consideration.
• Identify, understand, and document processes and procedures surrounding IT internal controls.
• Participate in oversight of third-party relationship risk management with respect to IT controls.
• Cross train on Compliance program(s) to ensure proper coverage/backups and also hinder duplication
  across programs.

Audit Management

• Maintain internal audit program for the assigned Compliance program(s).
• Document and report on inconsistencies between control evidence and policies/procedures.
• Assist teams to implement assessment or audit finding remediation plans, while minimizing the impact on
  the business.
• Conduct follow-up reviews of any deficiencies noted during audits.

Customer Touchpoints

• Attend client audits to respond to queries related to assigned Compliance program(s).
• Respond to/review customer RFI/RFP and security questionnaires

Qualifications

• 2+ years of compliance experience in a Governance, Risk, Compliance function
• 2+ years of experience in a technical role (IT or software development) preferred in Healthcare Industry
• Basic knowledge of NIST and/or ISO standard framework
• Resourceful in an ambiguous environment
• Exceptional problem solving and communication skills
• Top notch organizational and time management skills
• Desire to continuously improve the business and one’s own knowledge
• Knowledge of current Governance, Risk and Compliance (GRC) technological tools and methodologies
• Understanding of GRC tooling and platforms, experience with Atlassian products and/or SharePoint in the delivery of documentation
• Knowledge of US and international regulations and laws related to IT-related compliance standards within the
  financial services industry is a plus

Certara bases all employment-related decision on merit, taking into consideration qualifications, skills, achievement, and performance. We treat all applicants and employees without regard to personal characteristics such as race, color, ethnicity, religion, sex, sexual orientation, age, nationality, marital status, pregnancy, physical or mental condition, genetic information, military service, or other characteristic protected by law.