Job Description This is a remote position.

Overview: Flexible Schedule, 30 hours per week Hours do not necessarily have to align perfectly with PST or EST, however some hours should overlap for training and collaboration.

Job Description:  Candidates should be comfortable with Information Security concepts to answer questions that we receive from customers around our security program.

We receive several questionnaires per week that include questions around security and privacy.

Day-to-day deliverables would be to answer questionnaires using trained knowledge (they would be trained thoroughly by our team + be able to refer to knowledge bases and past questionnaires).  Contractor would also help with User Access Reviews and Vendor Risk Management.  Key Tasks & Responsibilities Answer questions from customers regarding security program  Ensure proper data encryption, access controls, and storage policies Ensure security policies are understood and followed across departments Manage user access permissions, roles, and authentication protocols Evaluate and recommend security tools to enhance protection and compliance Review vendor security agreements, contracts, and risk assessments Requirements Credentials/background - Experience 2-4 years in a Governance, Security, IT Risk, and IT Compliance function.

Should be familiar with:          IT policies & procedures         IT Risk and Controls          Security frameworks: HITRUST, SOC2, NIST, etc.          Vendor Risk Management         User Access Reviews          Technical security concepts such as: Encryption, Authentication (MFA/SSO), Vulnerability Management, Network Security, Audit Logging and Monitoring, Change Management  - Strong ability to answer questions with clarity and accuracy - Familiarity with Cloud (AWS)  - Effective communicator  Requirements Key Tasks & Responsibilities Answer questions from customers regarding security program Ensure proper data encryption, access controls, and storage policies Ensure security policies are understood and followed across departments Manage user access permissions, roles, and authentication protocols Evaluate and recommend security tools to enhance protection and compliance Review vendor security agreements, contracts, and risk assessments Requirements Credentials/background - Experience 2-4 years in a Governance, Security, IT Risk, and IT Compliance function.

Should be familiar with: - IT policies & procedures - IT Risk and Controls - Security frameworks: HITRUST, SOC2, NIST, etc.

- Vendor Risk Management - User Access Reviews - Technical security concepts such as: Encryption, - Authentication (MFA/SSO), Vulnerability Management, Network - Security, Audit Logging and Monitoring, Change Management - Strong ability to answer questions with clarity and accuracy - Familiarity with Cloud (AWS) - Effective communicator