Continuity & Security Assurance Analyst

Job summary

Lees Summit

Work model

Hybrid
1 month ago
Job description

Government Employees Health Association, Inc. (G.E.H.A) is a nonprofit member association that provides health and dental benefits that millions of federal employees and retirees, military retirees and their families have counted on since 1937. Offering one of the largest health and dental benefit provider networks available to federal employees in the United States, G.E.H.A empowers health and wellness by meeting its members where they are, when they need care.

G.E.H.A has one mission: To empower federal workers to be healthy and well.

The Continuity and Security Assurance Analyst supports G.E.H.A's Cybersecurity and Information Protection (CIP) program by executing security, compliance, and business continuity initiatives. This role is responsible for assessing controls, monitoring compliance with regulatory and internal standards, supporting audit activities, and contributing to the resilience and security posture of G.E.H.A's systems, data, and third-party relationships.

Key Responsibilities

  • Develop and execute security, compliance, and risk assessment plans aligned to regulatory requirements, industry standards, and G.E.H.A policies.
  • Monitor security programs and systems, analyze logs and activities, and identify control gaps, anomalies, or areas of elevated risk.
  • Perform audits across key control areas, including Data Loss Prevention (DLP), inbound email security/quarantine processes, and user access management.
  • Perform and support periodic user access control reviews, including validation of user entitlements, identification of inappropriate or excessive access, coordination with business owners, and tracking remediation of identified issues.
  • Review and troubleshoot compliance requests to ensure alignment with G.E.H.A security policies, standards, and applicable legal/regulatory requirements.
  • Conduct ongoing compliance monitoring activities, including documentation, evidence collection, and remediation tracking for identified issues.
  • Evaluate existing processes and controls, identify areas for improvement, and develop actionable remediation plans to strengthen compliance and security posture.
  • Support internal and external audits by preparing documentation, coordinating responses, and validating control effectiveness.
  • Create, maintain, and enhance security documentation, procedures, and control artifacts to support governance and audit readiness.
  • Support the execution of security awareness and training initiatives.
  • Contribute to the development and continuous improvement of programs that ensure the availability and resilience of G.E.H.A's information systems and data.
  • Support the Business Continuity and Disaster Recovery (BCDR) program, including planning, documentation, testing, and continuous improvement activities.
  • Assist in the Third Party Risk Management program, including review and analysis of third-party maturity assessments, SOC reports, and HITRUST certifications.
  • Monitor third-party security posture and identify risks, gaps, and opportunities for improvement across G.E.H.A's vendor ecosystem.

Experience and Education

  • Bachelor's degree in Computer Science, Information Systems, or a related discipline.
  • Three (3) or more years of experience in Information Technology, Information Security, IT Assurance, Risk Management, Governance, or Business Continuity.
  • Equivalent combinations of education and additional experience may be considered in lieu of formal degree or certification requirements.

Certifications

  • One or more industry certifications such as CISSP, HCISPP, CRMA, CGEIT, CRISC, CISM, CISA, CBCP, GIAC, or similar governance, risk, security, or BCDR certifications.

Technical and Functional Knowledge

  • Working knowledge of governance, risk, and compliance frameworks such as COSO, COBIT, ITIL, ISO 31000, ISO 27002, ISO 22301, NIST CSF, NIST 800‑53, and SANS Critical Security Controls.
  • Experience with enterprise Governance, Risk, and Compliance (GRC) platforms (e.g., Archer, MetricStream, LockPath, etc.).
  • Proficiency with Microsoft Office applications.

Skills And Competencies

  • Strong analytical and problem-solving skills with the ability to identify risk and recommend practical solutions.
  • Effective written and verbal communication skills, including the ability to translate technical risks into business-focused language.
  • Ability to build relationships, influence stakeholders, and collaborate across multiple business units and teams.
  • Strong organizational skills with the ability to manage multiple priorities in a fast-paced environment.
  • Customer service orientation with a focus on delivering high-quality, accurate outcomes.
  • Effective presentation and interpersonal skills.

Work-at-home Requirements

  • Must have the ability to provide a non-cellular High Speed Internet Service such as Fiber, DSL, or cable Modems for a home office.
  • A minimum standard speed for optimal performance of 30x5 (30mpbs download x 5mpbs upload) is required.
  • Latency (ping) response time lower than 80 ms.
  • Hotspots, satellite and wireless internet service is NOT allowed for this role.
  • A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information.

How We Value You

  • Competitive pay/salary ranges.
  • Incentive plan.
  • Health/Vision/Dental benefits effective day one.
  • 401(k) retirement plan company match -- dollar for dollar up to 4% employee contribution (pretax or Roth options) plus a 6% annual company contribution.
  • Robust employee well-being program.
  • Paid Time Off.
  • Personal Community Enrichment Time.
  • Company-provided Basic Life and AD&D.
  • Company-provided Short-Term & Long-Term Disability.
  • Tuition Assistance Program.

While this is a remote opportunity, at this time G.E.H.A does not hire employees from U.S. territories or the following states: Alaska, Hawaii, California, Washington, Oregon, Colorado, Wyoming, Montana, New York, Connecticut, Vermont, Pennsylvania, Maine.

The target hiring range for this position is $75,862 - $95,970 USD. At G.E.H.A, the current maximum salary for this role is $106,938 USD.

G.E.H.A is an Equal Opportunity Employer. We are committed to creating an inclusive environment for all employees.