Cybersecurity Business Analyst

About Dexcom

Founded in 1999, Dexcom, Inc. (NASDAQ: DXCM), develops and markets Continuous Glucose Monitoring (CGM) systems for ambulatory use by people with diabetes and by healthcare providers for the treatment of people with diabetes. The company is the leader in transforming diabetes care and management by providing CGM technology to help patients and healthcare professionals better manage diabetes. Since the company’s inception, Dexcom has focused on better outcomes for patients, caregivers, and clinicians by delivering solutions that are best in class - while empowering the community to take control of diabetes. Dexcom reported full-year 2022 revenues of $2.9B, a growth of 18% over 2021. Headquartered in San Diego, California, with additional offices in the Americas, Europe, and Asia Pacific, the company employs over 8,000 people worldwide.

Meet the team:

IT Department is seeking a Cybersecurity Analyst, on the GRC Information Security team, to support information security compliance, certification, audit, and risk management activities. The Cybersecurity Analyst will be the technical lead who manages the organization’s OneTrust GRC tool used to track assets, vendors, and processing activities as well as track, mitigate and prioritize security control gaps and vulnerabilities, determine effective risk mitigation strategies and drive remediation activities via OneTrust assessments. The Cybersecurity Analyst will assist the GRC team to manage and coordinate certification, compliance, and audit activities, including evidence and artifact gathering, preparing control owners for interviews, remediation of findings resulting from audits, risk assessments, and compliance/certification activities. The position will contribute to security control design, development, assessment, and testing

Where you come in:

• OneTrust application configuration and administration:

  • You will configure and maintain the OneTrust platform according to the organizations privacy and security policies.

  • You will manage user access and permissions within the application.

  • You will customize workflows, templates, and assessment frameworks to reflect the organizations specific needs and industry standards.

  • You will Configure, troubleshoot, and implement assessments, assessment templates, risk assessment methodologies, and other relevant settings based on organizational requirements.

  • You stay updated with new features/updates released by OneTrust and implement as necessary.
    
    

• OneTrust application audit management:

  • You plan, schedule, and execute internal audits and compliance reviews using the OneTrust GRC modules.

  • You manage audit workflows, assignments, and findings throughout the audit lifecycle.

  • You facilitate communication and collaboration between audit teams, business units, and external auditors.

  • You track audit recommendations and remediation efforts to ensure timely closure of findings.
    
    

• OneTrust application reporting and analytics

  • You generate reports and dashboards to track key metrics and compliance indicators.

  • You provide regular updates to senior management and stakeholders as required.
    
    

• OneTrust application compliance management

  • You conduct compliance assessments and audits to verify adherence to applicable regulations, standards, and internal policies.

  • You generate compliance reports and documentation for regulatory authorities, auditors, and senior management.

  • You implement controls and measures to address compliance gaps and deficiencies identified through assessments.

• OneTrust application risk management

  • You will conduct risk assessments and analysis using the OneTrust GRC modules to identify, evaluate, and prioritize organizational risks.

  • You will apply risk criteria, scoring methodologies, and risk tolerance levels to facilitate risk management decision-making.

  • You will collaborate with stakeholders to develop risk mitigation strategies and action plans.

  • You will monitor risk indicators and track the effectiveness of risk treatments over time.

  • You will participate and support the organization’s security certification, compliance, and audit activities.

  • You will participate in evidence gathering and remediation of findings resulting from audits, collaboratively establish risk treatment plans with stakeholders, and track and drive risk mitigation and remediation activities.

  • You will collaborate with cross-functional teams to implement GRC enhancements and address emerging risks and compliance challenges.

  • You will develop and deliver GRC-related training programs for employees using the OneTrust GRC modules.

  • You must stay informed about changes in regulations, industry standards, and best practices to ensure the organizations GRC program remains robust and adaptive.

  • You must identify opportunities for enhancing the effectiveness and efficiency of GRC processes, tools, and controls.
    
    

What makes you successful:

• Your experience working in or with an organization’s information technology department.

• Your ability to configure and customize a GRC tool to meet the organization’s specific needs.

• Your familiarity with related technologies such as cloud computing, data management, and security tools.

• Your familiarity with compliance frameworks such as ISO 27001, NIST, PCI DSS, etc.

• Your strong analytical and problem-solving skills.

• Your ability to analyze data, identify trends, and draw meaningful insights.

• You are skilled in managing timelines, resources, and stakeholders with a capacity to anticipate potential issues and proactively implement solutions.

• Your ability to plan, organize, and execute projects related to managing an application (e.g., implementation, configuration, and ongoing application management).

• Your meticulous attention to detail, especially when configuring and managing complex systems.

• Your ability to ensure accuracy and completeness in data management, compliance documentation, and reporting.

• Your ability to work effectively in cross-functional teams and collaborate with stakeholders from various departments.

• Your strong interpersonal skills, including conflict resolution and negotiation abilities.

• Your capacity to build positive relationships and foster a culture of collaboration and cooperation.

• Strong written and verbal communication skills.

• Experience working and managing relational databases; prior OneTrust experience a plus but not a requirement.

What you’ll get:

• A front row seat to life changing CGM technology. Learn about our brave #dexcomwarriors community .

• A full and comprehensive benefits program.

• Growth opportunities on a global scale.

• Access to career development through in-house learning programs and/or qualified tuition reimbursement.

• An exciting and innovative, industry-leading organization committed to our employees, customers, and the communities we serve.

• #LI-Hybrid

To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Dexcom. Only authorized staffing and recruiting agencies may use this site or to submit profiles, applications or resumes on specific requisitions. Dexcom does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to the Talent Acquisition team, Dexcom employees or any other company location. Dexcom is not responsible for any fees related to unsolicited resumes/applications.