Sr. Security Governance, Risk, and Compliance Analyst

About The Opportunity

At Medifast, our team members are relentless in our mission of driving Lifelong Transformation, One Healthy Habit at a Time®. When you join Medifast, you become part of a dynamic, fast-growing community of highly motivated, like-hearted people who share a passion for promoting health and wellness. Just as OPTAVIA Coaches inspire Clients to reach their personal wellness goals, at Medifast, we inspire each other to bring our best to work each day to further our shared mission. If you want to build a rewarding career that makes lives better on a daily basis, Medifast may be the perfect place for you.

Overview Of Position

Provide assistance with Sarbannes Oxley (SOX) related projects and other risk or compliance related projects. This would include SOX remediation from our audits, the implementation and rollout of SOX-related initiatives, helping with IT General Controls and completing user access reviews (UAR) and change management reviews (CMR).

Opportunity Highlights

This position will have opportunities within our SOX compliance area, but also within our overall Compliance, Risk and Data Privacy areas including HIPAA, CCPA and ADA.

Job Responsibilities

1. Assist with quarterly SOX UAR processing. Builds positive working relationships with control and application owners. Assists with validating audit evidence and investigating issues in the UAR process. This will include running jobs that load data, reconciling files, excel spreadsheets and other various data sources. This might include building scripts to create automated integrations.
2. Assist with quarterly SOX CMR processing. Builds positive working relationships with control and application owners. Assists with validating audit evidence and investigating issues in the CMR process. This will include running jobs that load data, reconciling files, excel spreadsheets and other various data sources. This might include building scripts to create automated integrations.
3. Participate in overall SOX walkthroughs to gain an understanding of current processes and controls. Gains knowledge and understanding of Enterprise applications for SOX controls. Participates in scoping activities for SOX Applications, system changes and business transformation projects. Drives continual improvement and maturity of the IT SOX program through training, facilitation of SOX Auditors and creation of supporting materials for IT Control owners. Maintain status reports and key metrics to support IT Risk and Compliance.
4. Assist with other Compliance, Risk and Data Privacy work including support for HIPAA, CCPA, ADA etc.

Scope

• Main Scope will be completing UAR’s and CMR’s for SOX Compliance.
• This position will work with all departments and all levels of the organization.

Knowledge, Education, Skills & Abilities

REQUIRED EXPERIENCE

• Bachelor's Degree preferred in Information Systems, Computer Science, Accounting, Business or related field of technical discipline or equivalent working experience to substitute for college degree.
• 5+ years of relevant work experience designing and testing SOX IT General Controls (ITGC), including segregation of duties assessment, identification and analysis of risks and evaluating controls.
• Experience working on and helping lead IT general controls remediation projects.
• Intermediate to advanced skills and hands-on experience in building tools and presentations with Microsoft Word, Excel, PowerPoint and other similar tools.
• Strong team player that can work across all departments and all organizational levels in Medifast.
• Ability to collaborate with teams that are geographically distributed and work across different time zones.
• Strong interpersonal skills with the ability to work effectively in a matrixed organization.
• Thorough, detail-oriented, strong analytical ability, critical thinking, decision making and problem-solving techniques.
• Ability to work independently on given tasks and complete those tasks timely based on agreed upon schedules.
• Excellent communication skills, verbal, written and listening.
• Excellent time management, prioritization and multi-tasking skills.
• Ability to influence change and deal with ambiguous or challenging situations.

PREFERRED EXPERIENCE

• Previous internal or external audit experience.
• Experience with a Big 4 firm or SOX Compliance work with a publicly traded company.
• Familiar with leading practice iT controls framework and audit methodologies and IT industry standards (e.g. COBIT, ISO, CMM, ITIL, PCI, NIST, SSAE 18 SOC, etc.).
• Strong understanding of regulatory concerns, especially IT Sarbannes Oxley (SOX), PCI, and HIPAA.
• Intermediate knowledge of evaluating internal controls, developing recommendations, designing, and implementing solutions.
• Basic knowledge of project management principles.
• Knowledgeable in Identity and Access Management.
• Technical experience writing scripts to integrate data into compliance systems.
• Technical experience with Sql, Python or similar data integration tools/languages.
• Experience supporting Compliance areas like ADA, CCPA and HIPAA.

At Medifast, Relationships Are At The Center Of What We Do!

We thrive by elevating our connections with one another as well as with our Coaches & Clients. We believe that everyone has the potential to be OUTSTANDING. The Medifast culture is built on seven core values: integrity, courage, teaming, accountability, empowerment, partnership and diversity. These values aren’t just words on a page – they are celebrated as a core part of the company’s philosophy.

We Lead By…

Mastering Relationships: We build trust, promote collaboration and we are reliable.

Being innovative: We strive to improve things in our areas of influence; test, refine and expand within the business strategy; and reach beyond real and perceived boundaries.

Simplifying: We are committed to making things measurable, repeatable and scalable; focusing on outcomes not activities; and eliminating complexity to increase focus.

Anticipating: We predict long-term business and organizational needs; challenge assumptions; and expect and prepare for the unexpected.

About Medifast®
Medifast (NYSE: MED) is the health and wellness company known for its habit-based and coach-guided lifestyle solution OPTAVIA®, which provides people with a simple yet comprehensive approach to address obesity and support a healthy lifestyle. OPTAVIA's holistic solution includes lifestyle plans with clinically proven health benefits, scientifically developed products, and a framework for habit creation – all reinforced by independent coach support for customers on their weight loss journeys. Through its collaboration with national virtual primary care provider LifeMD® (Nasdaq: LFMD) and its affiliated medical group, the holistic solution now includes access to GLP-1 medications where clinically appropriate. Medifast remains committed to its mission of offering Lifelong Transformation, Making a Healthy Lifestyle Second Nature™. Visit the OPTAVIA and Medifast websites for more information and follow Medifast on X and LinkedIn.

high111