Healthcare’s helping hand. CHG shook things up in 1979 by inventing the locum tenens staffing model. We connect doctors with patients who need their care. As the largest physician staffing firm in America, our providers treat millions of patients each year. Our industry is growing and demand is high. This means you’ll have plenty of opportunities to grow and develop in your career. Keeping healthcare healthy can be as fun as it is rewarding Information Security & Privacy is looking for a Product Security Analyst to join our team. The Product Security Analyst will establish Product risk management framework and governance processes across CHG Healthcare's multi-brand portfolio. As a Product Security Analyst on the ISP team you will lead data classification initiatives, manage risk acceptance processes, and deliver executive security reporting. This role will report to the Sr. Manager Application Security. Responsibilities - Lead data classification initiatives across CHG's systems, ensuring proper handling of sensitive healthcare data - Establish and manage formal risk acceptance processes with business teams, facilitating informed security decisions - Develop and deliver monthly executive security risk reports with metrics and trending analysis - Leverage AI tools to analyze security data, identify patterns, and generate actionable insights at scale - Support roadmap deliverables focused on building risk management and governance capabilities Qualifications • Strong understanding of information security principles, risk assessment methodologies, and data classification • Experience developing and presenting security metrics and reports to executive audiences • Excellent analytical skills to synthesize complex information into clear recommendations • Ability to creatively use AI tools to enhance analysis, reporting, and communication workflows • Strong stakeholder management and communication skills across technical and business teams Education & Experience • 3+ years of experience in security analysis, risk management, or GRC (Governance, Risk, and Compliance) roles • Bachelor's degree in Information Security, Risk Management, Business Administration, or related field, or equivalent work experience Preferred • Experience in healthcare or highly regulated industries • Security or risk management certifications such as CISSP, CISM, CRISC, or CGRC • Knowledge of HIPAA, SOC 2, ISO 27001, and other compliance frameworks • Experience with GRC platforms (ServiceNow GRC, Archer, LogicManager, etc.) We believe in fair compensation for all of our people, which is why our pay structure takes into account the cost of labor across U.S. geographic markets. For this position, we offer a pay range of $74,100 -- $143,300 annually, with pay varying depending on work location and job-related factors such as knowledge, position level and experience. During the hiring process, your recruiter can provide more information about the specific salary range for the job location. CHG Healthcare offers starting salaries for sales positions in the form of total target compensation (TTC = base + commission + bonus), which includes base pay, commission, and bonuses. Sales positions receive short-term incentives through commission plans and bonuses. On the other hand, non-sales positions have starting salaries that consist of a base salary and short-term incentives through various bonus plans, which are paid out monthly, quarterly, or annually. #LI-MJ1 In return we offer: • 401(k) retirement plan with company match • Traditional healthcare benefits such as medical and dental coverage, and some unique benefits like onsite health centers, corporate wellness programs, and free behavioral health appointments. • Flexible work schedules - including work-from-home options available • Recognition programs with rewards including trips, cash, and paid time off • Family-friendly benefits including paid parental leave, fertility coverage, adoption assistance, and marriage counseling • Tailored training resources including free LinkedIn learning courses • Volunteer time off and employee-driven matching grants • Tuition reimbursement programs Click here to learn more about our company and culture. CHG Healthcare values a diverse and inclusive workforce. Interested in this role but not a perfect fit? Apply anyway. We welcome applicants of any race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status and individuals with disabilities as an Affirmative Action/Equal Opportunity Employer. We are an at-will employer. What makes CHG Different?

Role Description We are seeking a detail-oriented Governance Risk and Compliance (GRC) Analyst to join our Security and Compliance team. The GRC Analyst will work in a collaborative fashion with our internal teams and external partners to manage Security & Compliance risk. Our preference for this role is those who have solid experience in technology, information security or compliance, and have significantly contributed to SSAE18, SOC 2, Payment Card Industry (PCI) ROC and/or ISO 27001 audits. We're looking for team players who want to challenge themselves within a growing company, and are as comfortable talking with senior management about information risk, as they are with IT staff. Therefore, if you thrive in a dynamic environment, then maybe you are the one we’re looking for! This position is a remote position reporting to the Senior Director of Governance, Risk & Compliance. Responsibilities - Conducts audits of internal information security, compliance and privacy processes. - Ensures timely resolution to all audit and risk assessment findings or issues. - Manages OneTrust GRC reporting portal. - Appropriately communicates audit reports, gaps or recommendations to company management, and tracks any open concerns or questions to resolution. - Identifies potential technologies, processes or solutions that could improve the security posture of the company. - Contributes to the development of security standards, access controls, and compliance requirements of applications, network infrastructure, servers and workstations. - Serves as subject matter expert regarding information security and compliance policy. - Maintains awareness of current and emerging threat landscapes. - Assists in reporting security & compliance metrics to management. - Supports additional audit and governance functions as assigned. - Earns the trust and respect of the Direct Travel team. - Grows into a role with increasing responsibility. Qualifications - Direct experience with achieving successful annual PCI Compliance, SSAE18 SOC 2 attestations and/or ISO 27001 certifications. - 1-3 years of experience leading information security audits with a preference for ISO 27001 and SOC 2 audits or assessments. - 1-3 years of experience as an IT, security or compliance analyst, with experience developing security strategy and policy. - Experience authoring policies and procedures. - Solid knowledge of ISO 27001, NIST 800-53, NIST 800-171, NIST CSF. - Experience with full Governance, Risk Management and Compliance Lifecycle. - Personal integrity. - Self-motivated, self-disciplined, and self-governed. You hold yourself to a higher standard than others. - Highly consultative and collaborative nature. - Excellent communications and presentation skills, with the ability to convey complex technology concepts to non-technology stakeholders. - The discipline to work effectively from remote location. - Degree in computer science, information systems, information security, or a related discipline. Equivalent work experience will also be considered. - Experience with Payment Card Industry (PCI) Compliance. - Excellent analytical and stakeholder engagement skills. - Strong organization and planning skills. - Successfully pass background check. - Must be able to lawfully work within the US and have unrestricted work authorization for US. - Ability to travel up to 15% if required. Benefits - In addition to Medical, Dental, and Vision benefits, Direct Travel offers an employee rewards and recognitions program. - Total Rewards Package which includes Wellness, Sustainability, DE&I initiatives, and Mental Health Support. Company Description Direct Travel is a leading provider of corporate travel management services. The company has been providing travel management for over 40 years, working with clients to develop highly customized travel programs. By leveraging both the expertise of its people and innovative solutions, Direct Travel enables clients to derive the greatest value from their travel program in terms of superior service, progressive technologies and significant cost savings. Direct Travel has offices in over 70 locations across North America and the UK and is currently ranked 12th on Travel Weekly’s Power List. For more information, visit www.dt.com . Direct Travel is an EOE/AA/Veteran/People with Disabilities employer. If you're ready to chart a new course and advance your career with the valuable moments and travel experiences that await, we welcome you to submit your resume for consideration at Direct Travel.

At L.L.Bean, we believe the outdoors brings out the best in all of us. We are committed to fostering a culture of belonging and creating safe, inclusive spaces where everyone feels welcome—both here and Outside. We value individual differences and are dedicated to maintaining an inclusive work environment where everyone can bring the best of their experience and talents and truly thrive. Position Purpose: Builds low to moderate complexity computer application solutions to meet business informational needs and requirements. Designs, develops, tests, debugs and documents applications based on technical configurations and specifications. Supports and troubleshoots existing applications. Evaluates and analyzes business requirements for new applications and application changes. We offer: - Extraordinary employee experience - Flexible schedule - Work from home up to 5 days a week - Fitness subsidy - Education subsidy - 3 paid days to enjoy outdoor activities - 5 Personal/sick days - L.L.Bean employee discount - Asociación solidarista - Life and medical insurance - Company doctor About the role: - Prepares details specifications from which programs will be written. - Is able to design solutions within a framework/architecture defined by higher level engineer. - Designs, develops, tests, debugs, implements, documents and maintains applications as assigned. - Designs and develops solutions taking performance into consideration. - Applies formal methodologies when designing and developing solutions. - Develops and executes test plans for developed and purchased software. Documents results. - Provides options for and estimates of possible solutions. - Estimates and tracks time required to complete work, for project budgeting and financial tracking. - Works independently and collaboratively with team; provides regular updates to leader. - May participate in the implementation and integration of packaged software. - Conducts and participates in design and code reviews. - Adheres to security standards in support of PCI compliance. - Adheres to development standards and provides input to development standards - Responsible for 24/7 research and resolution of production system problems. - Coordinates production problem resolution for assigned applications, including working with other technical teams. - On call – provides day time and after hours on call support. - May provide guidance and training to less experienced team members. Standard SAP Basis responsibilities including but not limited to: - Transport management system - System copy - Lower environment refreshes - Database management (index creation, performance analysis) - Data archiving on SAP CRS - Support pack implementation - Daily system support for ECC, BW, and SRM. About you: Education Level: 4-Year Bachelors Degree in Computer Science Experience required: 3+ years in the role. English level: C1 (Advanced) Skills and Qualifications: Required: - Proven experience with SAP Basis on SAP ECC. - SAP Security administrator experience including role creation, access research, troubleshooting. - Critical Thinking - Logical reasoning Preferrable: - General server knowledge and administration experience - Ability to tie SAP landscape to a broader IS infrastructure landscape. - Working knowledge of SAP BW, SRM, and/or POSDM . Other skills: - Team Skills: Flexibility, Collaboration, negotiation, facilitation, communication, presentation and group dynamics, and solid English language skills and comprehension - Technical skills: Problem solving skills, Development skills, Systems Analysis and Design, Program Analysis and Design, experience using design patterns - Technologies: Java, JSP, JavaScript, SQL, Linux, Perl, HTML, C, XML, SOAP, Ajax, Java Server Faces, Web Services, JUNIT, MQ Series, caching solutions, struts, Swing, Websphere Application Server, Restful API, JSON - Databases: DB2, Oracle, SQL Server - MS Desktop tools. - Methodologies: Iterative Development (Agile), Waterfall. - Testing: Unit, Integration, System, Performance - IDE: RAD, Eclipse - Source Code Control and Issue Tracking. - System Integration Skills: Installation, deployment, customization and integration. If you care about the outdoors, joining L.L.Bean is a great way to feel good about what you do. Our benefits package makes a good thing even better, with programs and perks designed to support your health and financial goals. Plus, maintaining a healthy work-life balance and re-charging outside are all part of the plan. If your experience looks a little different from what we've identified and you think you'd be great at this role, we'd love to learn more about you! At L.L.Bean, we believe the outdoors brings out the best in all of us. We strive to reflect this every day in our commitments to employees and partners and in our efforts to promote belonging.

Additional Information About the Role BJC is hiring for a Security Risk II Analyst. Ideal candidate will have experience in Security Risk Assessments and 3rd Party Risk Assessments. Experience with Logic 8 Platform is preferred. This is a remote position, but we are looking for candidates in the St. Louis Metro area. Overview BJC HealthCare is one of the largest nonprofit health care organizations in the United States, delivering services to residents primarily in the greater St. Louis, southern Illinois and southeast Missouri regions. With net revenues of $6.3 billion and more than 30,000 employees, BJC serves patients and their families in urban, suburban and rural communities through its 14 hospitals and multiple community health locations. Services include inpatient and outpatient care, primary care, community health and wellness, workplace health, home health, community mental health, rehabilitation, long-term care and hospice. BJC is the largest provider of charity care, unreimbursed care and community benefits in the state of Missouri. BJC and its hospitals and health service organizations provide $785.9 million annually in community benefit. That includes $410.6 million in charity care and other financial assistance to patients to ensure medical care regardless of their ability to pay. In addition, BJC provides additional community benefits through commitments to research, emergency preparedness, regional health care safety net services, health literacy, community outreach and community health programs and regional economic development. BJC’s patients have access to the latest advances in medical science and technology through a formal affiliation between Barnes-Jewish Hospital and St. Louis Children’s Hospital with the renowned Washington University School of Medicine, which consistently ranks among the top medical schools in the country. IS Security Services serves as an independent, objective catalyst for implementing effective and efficient controls to protect BJC HealthCare (BJC) information resources through collaboration with customers. We provide value to our customers and the organization by: Ensuring compliance with internal policies and external regulations; evaluating information system and application controls; educating BJC employees and other strategic partners on information systems security practices and concepts; acting as a resource on security controls for new and existing information systems and applications; recovering mission critical applications and data vital to the organization and strategic partners; investigating practices not in compliance with established BJC Information Services security policies and standards. Preferred Qualifications Role Purpose Technology role responsible for the management of risk in a pragmatic and cost-effective manner to ensure stakeholder confidence formal system certification and accreditation technical assessment and evaluation to determine control effectiveness across a large and complex corporate portfolio. Responsibilities - Able to research, analyze, interpret, evaluate, and integrate complex data from a wide variety of sources and provide creative solutions that align with strategic clinical and business workflows. While ensuring compliance of system and application security within scope of responsibility, in accordance with defined service levels, security practices/guidelines, and relevant technology standards. - Perform reviews of business solution self-assessments and assign risk rating. This includes performing a limited control review, completing documentation and presenting assessment in a formal review meeting. - Perform timely vendor vetting assessments on potential business solutions based on business partner requests, highlighting security posture and control gaps and need mitigating activities. This includes but is not limited to conducting meetings with business process owners and vendors, investigating vendor security posture and performance, reviewing baseline controls and gaps, documenting results, and reporting findings in a formal report. - Skillfully interact with business process owners, Technology and security personnel as well as vendors, management and other interested parties is required. This includes but is not limited to conducting meetings with business process owners and vendors, investigating vendor security posture and performance, reviewing baseline controls and gaps and documenting results while effectively report findings in a formal Security Risk Assessment report. Identify and complete Risk Acceptance forms where an exception to a policy or requirement is significant and needs to be reported to Management for approval. - Responsible for adding and maintaining status updates for high and critical findings for high and critical business solutions on the Risk Register. Minimum Requirements Education - Bachelor's Degree Experience - 2-5 years Supervisor Experience - No Experience Preferred Requirements Licenses & Certifications - CIA - CISA - Cert Info Systems Manager - CPA - Certified in Risk & IS Control Benefits and Legal Statement BJC Total Rewards At BJC we’re committed to providing you and your family with benefits and resources to help you manage your physical, emotional, social and financial well-being. - Comprehensive medical, dental, vison, life insurance, and legal services available first day of the month after hire date - Disability insurance* paid for by BJC - Annual 4% BJC Automatic Retirement Contribution - 401(k) plan with BJC match - Tuition Assistance available on first day - BJC Institute for Learning and Development - Health Care and Dependent Care Flexible Spending Accounts - Paid Time Off benefit combines vacation, sick days, holidays and personal time - Adoption assistance To learn more, go to our Benefits Summary. *Not all benefits apply to all jobs The above information on this description has been designed to indicate the general nature and level of work performed by employees in this position. It is not designed to contain or be interpreted as an exhaustive list of all responsibilities, duties and qualifications required of employees assigned to this job. Equal Opportunity Employer