Job Description

Requisition Id:
REQ20013767

Intake call recording

 POSITION SUMMARY

Working within the Information Risk Management department, the SOC2 Senior Analyst  will support governance, risk, and compliance initiatives and perform  key day-to-day activities to help deploy and maintain the SOC2  attestation portfolio.  This individual will help create and maintain  risk assessments to facilitate scoping and defining boundaries of the  system. This individual will facilitate control mapping, control gap  identification, gap remediation and mitigation.  This individual will  assist in ensuring compliance to SOC2 SSAE 18 AICPA reporting standards  along with an understanding of the Security, Availability,  Confidentiality, Processing Integrity, and Privacy Trust Service  Principles.

ESSENTIAL FUNCTIONS

  • Develop  and maintain SOC2 scoping documentation including system understanding,  process flows, and system infrastructure diagrams.
  • Perform control alignment validation
  • Facilitate in identifying controls gaps ensuring sufficient remediation plans and tracking to timely resolution
  • Provide information for status reports and support stakeholder communications.
  • Facilitate system and control understanding walkthrough meetings
  • Update and maintain system and process narratives
  • Support GRC tool implementation and workflows.
  •  
  • QUALIFICATIONS
  • Bachelor’s degree in related field or equivalent work experience.
  • Three to five years experience, Public Accounting experience preferred.
  • Experience  with SOC2 reporting engagements, and Security, Availability,  Confidentiality, Privacy, and Processing Integrity Trust Service  Principles.
  • Microsoft Office and ability to adapt to ESI proprietary systems.
  • Information technology risk management experience and proven ability to meet deadlines.
  • Understanding of information risk management concepts.
  • Ability to adapt in a dynamic work environment, learns quickly, solve problems, and make decisions with minimal supervision.
  • Excellent verbal and written communication and presentation skills.
  • Demonstrated ability to coordinate people and teams cross functionally to resolve complex issues with designated time frames.
  • Ability to develop process documentation.
  •  
  • ABOUT THE DEPARTMENTDo  you enjoy the challenge of defending an enterprise from security  breaches? Come put your skills to work at an organization trusted to  protect client, patient and company data amid the ever-changing  landscape of information security threats and risks. Our cyber defenders  are challenged and trusted with maintaining our secure infrastructure  day in and day out, while delivering an enterprise computing environment  that is resilient to breaches and disruptions. If you’re as passionate  about data security as we are and want to be at the center of our noble  mission to make healthcare safer and more affordable, explore our  opportunities.
  •  
  • ABOUT EXPRESS SCRIPTS Advance your career with the company that makes it easier for people to choose better health.Express  Scripts is a leading healthcare company serving tens of millions of  consumers. We are looking for individuals who are passionate, creative  and committed to creating systems and service solutions that promote  better health outcomes. Join the company that Fortune magazine ranked as  one of the "Most Admired Companies" in the pharmacy category. Then, use  your intelligence, creativity, integrity and hard work to help us  enhance our products and services. We offer a highly competitive base  salary and a comprehensive benefits program, including medical,  prescription drug, dental, vision, 401(k) with company match, life  insurance, paid time off, tuition assistance and an employee stock  purchase plan.

More Information About the Job

Is Relocation Available?
Yes, nationwide

Is there a bonus structure?
10%

Are you open to sponsorship?
No

This position is:
New Position

Is there a possibility to work remote?
No

Is there equity?
No

Are there flexible work hours?
Yes

Does this position have direct reports?
No

Who does this position report to?
Director - IT Regulatory Compliance (SOC2 focus)

What are the 3-4 non-negotiable requirements on this position?
Develop and maintain SOC2 scoping documentation including system understanding, process flows, and system infrastructure diagrams. Perform control alignment validation Facilitate in identifying controls gaps ensuring sufficient remediation plans and tracking to timely resolution Provide information for status reports and support stakeholder communications. Facilitate system and control understanding walkthrough meetings

What are the nice-to-have skills?
Big4 (or second tier) public accounting experience

What is exciting about this opportunity? Please use this section to describe team and company culture.
Candidates can work from these locations: Franklin Lakes, NJ Bloomington, MN Sr. Louis, MO New and exiting program at ESI. Will be building this group from the ground up with lots of exposure to senior leadership at ESI. Will be driving change with the organization and it's success. This group is a serious point of focus for ESI.

 

If an Accepted Candidate independently pursues another position at Express Scripts, no Placement Fee will be due if the Candidate is Hired for the other position, even if Hired within 6 months of Acceptance. Independent pursuit means Express Scripts did not learn about the Candidate or the Candidate did not learn about the other job as a result of either being submitted to this job or from the Scout Search Firm.

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online