Sr. Information Security GRC Specialist

Are you ready to join a growing team that puts a premium on productivity and has an award-winning culture, centered around transforming talented employees into effective business leaders? Then BHG Financial is the place for you. We offer innovative financial solutions to licensed and highly-skilled professionals, representing the best of both traditional lending and fintech, and are looking for passionate, impact players to help take our company to the next level.  At BHG, you’ll become immersed in the finance industry—with a variety of loan solutions, credit cards, patient financing, bank programs, and collections services, which have helped BHG become one of the leading providers of finance solutions.  With over 20 years in business, we have the stability of an established company with the speed and agility of a startup, where ingenuity and risk-taking are encouraged, and every employee has the opportunity to learn, grow and thrive. Who You AreYou are a motivated IS professional who is passionate about governance, risk, and compliance (GRC). You excel at producing results and have experience in an audited environment. You are an energetic, highly motivated individual, and thrive in a fast-paced environment where you can assist BHG in meeting its compliance requirements and reducing risk to the BHG brands.

What You'll Do

• You will assist in the development, maintenance, and enhancement of the IS GRC Program by collaborating with the overall IS Team as well as multiple BHG stakeholders.
• Serve as a point of contact and subject matter expert for BHG's Business Continuity and Disaster Recovery Program.
• Build relationships with stakeholders, working with them to maintain the BC/DR program to ensure adequate resources and documentation are in place to support recovery efforts.
• Coordinate the resting of BC/DR plans to verify the ability to meet Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO).
• Assisting in the development and maintenance of IS policies, standards, and procedures.
• Maintaining and reporting out IS metrics, detailed and board level.
• Supporting security awareness training and activities throughout the organization.
• Assisting in developing enterprise and functional team-specific presentations to promote a security mindset.
• Perform IS risk assessments on strategic initiatives and internal systems.
• Support developing remediation plans for issues and risks, coordinate activities with owners, and track remediation to completion.
• Analyzing third parties for adherence to BHG policies and standards.
• Evaluating risks related to policy and standard exceptions.
• Helping respond to customer or other third-party inquiries related to BHG’s IS program.
• Coordinating audits and information gathering for financial audits, SOC 2 examinations, third-party assessments, etc. while ensuring a timely response.
• Performing control assessments against BHG’s control framework.
• Identifying opportunities for automation and process efficiencies and assisting in the implementation of GRC toolsets.
• Collaborating with other BHG teams such as Enterprise Risk Management (ERM), product, Legal, People Development (PD), etc. to ensure BHG is complying with policies, standards, and regulatory requirements.
• Working with the GRC Team to ensure the BHG stays abreast of new regulatory, legal, compliance, and security requirements. 
• Performing other duties as required.

What You'll Need

• At least four (4) years of proven experience in the IS GRC field or a combination of experience in related disciplines.
• Experience in a BC/DR role, with a solid understanding of planning and testing.
• Bachelor’s Degree, ideally in Computer Engineering, Computer Science, or Information Systems Management or equivalent work experience in the field of IS.
• Possess current or working towards relevant certifications (e.g., CISA, CISM, CRISC, etc.). 
• Knowledge of compliance requirements such as FFIEC, PCI, SOX, GLBA, CCPA, etc.
• Knowledge of IS frameworks such as SOC 2, NIST, ISO, FISMA, etc.
• Knowledge of IS risk frameworks such as OCTAVE, FAIR, ISACA Risk IT, ISO 27005, NIST 800-30, etc.
• Problem analysis and resolution at both a strategic and functional level.
• The ability to organize and manage multiple priorities.
• Strong documentation skills.
• Excellent interpersonal and communication skills.
• Ability to translate technical requirements to business objectives.

Life at BHGAt BHG, we work hard and aren’t afraid to take risks. Since the beginning, our core values of PMA (positive mental attitude), team player and loyalty have been the driving force behind every interaction we have between each other and our customers. We have a healthy respect for the daily grind, yet we value work/life balance. We believe that all employees should have the opportunity to lead and that good ideas can come from anyone. From the top-down, our leaders are actively involved not only in strategic oversight and running the business, but also in the wellbeing and growth of all employees. We consider people our #1 asset, and help employees realize their full potential, set and exceed their goals, and explore new opportunities for personal and professional development.Why You Should Join BHGWe strive to offer amenities, opportunities, events, and programming that support the interests of our teams, while furthering the culture that makes us Great Place to Work® certified. Some of the benefits you can expect when you join BHG include: ·         100% coverage of monthly health insurance premiums·         Competitive PTO and vacation policies·         Company 401(k) plan with employer contributions after one year·         On-site gym access and memberships, with personal trainers, and certified nutritionists on staff·         Company-sponsored training and certification opportunities·         Monthly award ceremonies where top achievers are celebrated and receive additional bonuses·         Ongoing volunteer opportunities to give back to the community through our BHG Cares program If you’re ready for a career where you can exercise your passions, be surrounded by co-workers who are relentlessly committed to service, and have a team-player mindset, apply today! ** All Remote employees at BHG Financial are required to work within the United States of America. BHG Financial is committed to equal treatment and opportunity in all aspects of recruitment, selection, and employment without regard to gender, race, religion, national origin, ethnicity, disability, gender identity/expression, sexual orientation, veteran or military status, or any other category protected under the law. BHG Financial is an equal opportunity employer; committed to a community of inclusion, and an environment free from discrimination, harassment, and retaliation.#LI-Remote