Cybersecurity Compliance Analyst

Help us change lives

At Exact Sciences, we're helpingchange how the world prevents, detects and guides treatment for cancer. We give patients and clinicians the clarity needed to make confident decisions when they matter most. Join our team to find a purpose-driven career, an inclusive culture, and robust benefits to support your life while you're working to help others.

Position Overview

At Exact Sciences, we are cancer fighters. We are united by our mission to change lives by providing earlier, smarter answers. Through advances in cancer detection and treatment guidance, we will help eradicate the disease and the suffering it causes. Exact Sciences' Cybersecurity organization supports this mission by defending the millions of digital patient, practitioner, and employee lives within our environments. Defending today and securing tomorrow is no small feat. To help achieve this, the team is in search of a Cybersecurity Compliance Analyst to join our collaborative team comprised of passionate experts.

The Cybersecurity Compliance Analyst will be responsible for supporting the cybersecurity compliance efforts for the enterprise as well as continuing the advancement of the cybersecurity compliance program. This is a multi-dimensional role, with proven capability in both cybersecurity compliance skills and cultural awareness to identify, decipher, monitor, and report cybersecurity compliance adherence across the organization.

Essential Duties

Include, but are not limited to, the following:

• Support cybersecurity compliance initiatives for Exact Sciences, up to and including managing the planning, coordination, and execution of self, internal, and external cybersecurity compliance audits.
• Collaborate with various stakeholders across the organization to manage the lifecycle of a control, including new controls, modification to existing controls, or retirement of existing controls.
• Create compliance program collateral, to include procedures, work instructions, and control narratives.
• Drive education of security compliance methodology and frameworks with key business stakeholders.
• Support the continued advancement of the cybersecurity compliance program through continual controls environment evaluation, relative to industry best practices and regulatory requirements, in alignment with the risk appetite and business requirements.
• Assist with the creation and ongoing evolution of the cybersecurity compliance foundational program.
• Research and interpret industry insights and best practices, along with interpreting impact of requirements from governing authorities.
• Uphold company mission and values through accountability, innovation, integrity, quality, and teamwork.
• Support and comply with the company's Quality Management System policies and procedures.
• Maintain regular and reliable attendance.
• Ability to act with an inclusion mindset and model these behaviors for the organization.
• Ability to travel 10% of working time away from work location. May include overnight/weekend travel.
• Uphold company mission and values through accountability, innovation, integrity, quality, and teamwork.
• Support and comply with the company's Quality Management System policies and procedures.
• Maintain regular and reliable attendance.
• Ability to act with an inclusion mindset and model these behaviors for the organization.

Minimum Qualifications

• Bachelor's Degree in field relevant to the essential duties; or Associate Degree and 2 years of relevant experience as outlined in the essential duties; or High School Diploma or General Education Degree (GED) and 4 years of relevant experience as outlined in the essential duties.
• 5+ years of progressive professional compliance experience with cybersecurity authoritative sources (e.g., NIST, ISO, HIPAA, HITRUST, PCI).
• Solid grasp of security governance, risk, and compliance concepts.
• Experience assessing control operation and design effectiveness.
• Experience presenting compliance and risk mitigation concepts and controls rationalization to internal and external stakeholders.
• Customer-centric mindset with the ability to develop and apply complex concepts using strong analytical skills.
• Able to organize and track compliance requests.
• Technically proficient in performing assigned duties at a high-level of independence under minimal supervision while working within a team environment.
• Excellent communication skills, appropriately adapting based on audience needs, through all mediums-verbally, written, presentation, and listening.
• Able to be agile and work with ambiguity.
• Proficient+ in Microsoft Office programs, such as PowerPoint, Excel, Outlook, and Word.
• Demonstrated ability to perform the essential duties of the position with or without accommodation.
• Authorization to work in the United States without sponsorship.

Preferred Qualifications

• Relevant certification(s) in the field of cybersecurity, risk, audit, or program/project management.
• Strong project management skills a plus.
• Experience with enterprise GRC management platforms (e.g., ServiceNow, OneTrust); implementation experience a plus.
• Experience in healthcare or biotech industries.

Salary Range:

Exact Sciences is proud to offer an employee experience that includes paid time off (including days for vacation, holidays, volunteering, and personal time), paid leave for parents and caregivers, a retirement savings plan, wellness support, and health benefits including medical, prescription drug, dental, and vision coverage. Learn more about our benefits.

Our success relies on the experiences and perspectives of a diverse team, and Exact Sciences fosters a culture where all employees can develop personally and professionally with a sense of respect and belonging. If you require an accommodation, please contact us here.

Not ready to apply? Join our Talent Community to stay updated on the latest news and opportunities at Exact Sciences.

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to disability, protected veteran status, and any other status protected by applicable local, state, or federal law.

To view the Right to Work, E-Verify Employer, and Pay Transparency notices and Federal, Federal Contractor, and State employment law posters, visit our compliance hub. The documents summarize important details of the law and provide key points that you have a right to know.