GENERAL SUMMARY: This position reports to the GRC Controls Manger within the Cybersecurity Governance, Risk, and Compliance (CGRC) organization and collaborates closely with cross functional enterprise groups to ensure processes and services are implemented and operationalized to meet both the needs of the business and regulatory requirements. Additionally, this role works closely with GRC Controls Consultants to support the GRC Controls Program and the GRC Issue Mangement processes. PRINCIPLE DUTIES AND RESPONSIBILITIES: The GRC Controls Coordinator handles supporting tasks related to control development and issue resolution. The GRC Controls Coordinator also works closely with the GRC Consultants to support GRC Controls Program. The candidate must have the ability to develop work with minimal supervision, maintain and report against a work plan, give appropriate updates and status reports, and serve as a point of contact and liaison with cross functional enterprise groups. + Responsible for understanding the GRC Controls Program (which includes both Control development and Issue Management), the Information Privacy and Security Office services, functional IT services, and the business unit processes/ systems that the GRC Controls function supports. + Responsible for triaging new GRC issues, identifying issue owners, and issue assignment within the GRC tool, as well as overall support of the Issue Management processes. + Responsible for monitoring the GRC Controls Outlook Mailbox for new Control requests and assigning work tickets to team, as well as responding to Control Owner questions and building out FAQs. + Responsible for updating and maintaining supporting tables within the GRC tool (ex. Entities, Policies). + This role will provide assistance in reporting GRC Control Program Metrics. + This role will support the GRC Consultant with the GRC Standard Controls processes and data entry. + The GRC Controls Coordinator will assist in coordinating Control Owner access to the GRC tool, obtaining standard Control Procedures and Control Evidence, organizing GRC Standard Control documentation, and ensuring Control Owners are trained via the automated training process. + The GRC Controls Coordinator will provide support in executing GRC Control Program activities that support the overall program operations (ex. Process for keeping Controls current, access request support, assisting with GRC Controls metric reporting, and other tasks as assigned). + Liaison with internal / external stakeholders as needed. + Contributes to the development and maintenance of supporting technology platforms including building test plans, and executing test plans. + Support IPSO and IT teams via integrated workflow. + Capable of following documented work instructions with limited guidance. + Other duties may be assigned. EDUCATION/EXPERIENCE REQUIRED: + Associates’ degree in information systems, Computer Science or related field preferred, relevant work experience/certification considered + Skilled in Microsoft Office, including Viso + 2+ years of experience in IT risk mgt, IT Controls mgt or IT Audit mgt + Demonstrates strong and effective verbal, written, and interpersonal communication skills, with experience in all at the executive level. + Ability to prioritize and multi-task in a dynamic, fast paced, and challenging environment. + Experience with standard GRC systems preferred. + Knowledge of IT systems and functions, process development, change management, and service and implementation lifecycle. + Knowledge of information security best practices, NIST Cybersecurity Framework, and common risk frameworks. + Can conform to shifting priorities, demands and timelines through analytical and problem-solving capabilities. Additional Information + Organization: Corporate Services + Department: Ascension Privacy_Security RMS + Shift: Day Job + Union Code: Not Applicable Additional Details This posting represents the major duties, responsibilities, and authorities of this job, and is not intended to be a complete list of all tasks and functions. It should be understood, therefore, that incumbents may be asked to perform job-related duties beyond those explicitly described above. Overview Henry Ford Health partners with millions of people on their health journey, across Michigan and around the world. We offer a full continuum of services – from primary and preventative care to complex and specialty care, health insurance, a full suite of home health offerings, virtual care, pharmacy, eye care and other health care retail. With former Ascension southeast Michigan and Flint region locations now part of our team, Henry Ford’s care is available in 13 hospitals and hundreds of ambulatory care locations. Based in Detroit, Henry Ford is one of the nation’s most respected academic medical centers and is leading the Future of Health: Detroit, a $3 billion investment anchored by a reimagined Henry Ford academic healthcare campus. Learn more at henryford.com/careers . Benefits The health and overall well-being of our team members is our priority. That’s why we offer support in the various components of our team’s well-being: physical, emotional, social, financial and spiritual. Our Total Rewards program includes competitive health plan options, with three consumer-driven health plans (CDHPs), a PPO plan and an HMO plan. Our team members enjoy a number of additional benefits, ranging from dental and eye care coverage to tuition assistance, family forming benefits, discounts to dozens of businesses and more. Employees classified as contingent status are not eligible for benefits. Equal Employment Opportunity/Affirmative Action Employer Equal Employment Opportunity / Affirmative Action Employer Henry Ford Health is committed to the hiring, advancement and fair treatment of all individuals without regard to race, color, creed, religion, age, sex, national origin, disability, veteran status, size, height, weight, marital status, family status, gender identity, sexual orientation, and genetic information, or any other protected status in accordance with applicable federal and state laws.