Enterprise Risk / Compliance Analyst

• This role is based in Richfield, Minnesota, and is primarily a work-from-home model. You may be asked to come into the office on an infrequent basis for team meetings/projects. Thus, you must be located within a drivable distance of our Richfield, Minnesota corporate office.

As the Enterprise Risk and Compliance analyst, you will support the team in preparing for, completing, and maintaining HIPAA/HITRUST/SOC/NIST Certifications on various service offerings within the Best Buy Enterprise/Health Businesses. You will lead operational compliance activities and help develop a continuous compliance strategy from the ground up to support the Information Security Programs. Your success is based on proven leadership, strong communication skills, collaboration skills, and a deep understanding of performing assessments and documenting/validating audit results (including remediation plans).

What You’ll Do

• Perform compliance training for the understanding of applicable laws, regulations, mandates, security expectations, and contract obligations with business partners (e.g., audit methodologies, security requirements)
• Partner with internal cross-functional teams and external assessors to perform continuous security compliance assessments
• Assess, identify, document, and communicate compliance issues/risk through ongoing testing, collecting evidence, analyzing evidence, and tracking remediation (including validation)
• Develop, maintain, and evaluate compliance with standard operating procedures to comply with security requirements

Basic Qualifications

• 1 or more years of experience with auditing common technologies (e.g., Azure, AWS, OS400, Mainframe, Windows, SQL, Oracle, and Linux)
• 2 or more years of internal audits and compliance assurance (e.g., HIPAA, NIST)
• Strong computer skills required, critical thinking skills, and proficiency in the MS Office Suite
• Ability to manage multiple priorities to meet deadlines

Preferred Qualifications

• Bachelors in accounting, information technology, cybersecurity, or closely related IT field and/or master’s in business administration
• Knowledge of Cybersecurity Risk and Strategy, Enterprise Risk Management, Regulatory Compliance (e.g., HIPAA, NIST, CMS, COBIT, SOX), and/or Health industries audits

What’s in it for you

• We’re committed to helping our people thrive at work and at home. We offer generous benefits that address your total well-being and provide support as you need it, especially at key moments in your life.

Our benefits include

• Physical and mental well-being support
• Generous employee discount
• Competitive pay

About us

As part of the Best Buy team, you’ll help us fulfill our purpose to enrich lives through technology. We bring that to life every day by humanizing and personalizing tech solutions for every stage of life — in our stores, online, and in customers’ homes.

Our culture is built on deeply supporting and valuing our amazing employees who make it all possible. We’re committed to being a great place to work, where you can unlock unique career possibilities. Above all, we aim to provide a place where you can bring your full, authentic self to work now and into the future. Tomorrow works here.™As the Enterprise Risk and Compliance Analyst, you will support the team in preparing for, completing, and maintaining HIPAA/HITRUST/SOC/NIST Certifications on various service offerings within the Best Buy Enterprise/Health Businesses. You will lead operational compliance activities and help develop a continuous compliance strategy from the ground up to support the Information Security Programs. Your success is based on proven leadership, strong communication skills, collaboration skills, and a deep understanding of performing assessments and documenting/validating audit results (including remediation plans).