Job Details

ID #52398577
State Michigan
City Livonia
Full-time
Salary USD TBD TBD
Source Trinity Health
Showed 2024-08-27
Date 2024-08-28
Deadline 2024-10-27
Category Etcetera

Security Risk Analyst (REMOTE)

Michigan, Livonia, 48150 Livonia USA

Vacancy expired!

Employment Type: Full time

Shift: Day Shift

Description: Provides information security risk knowledge and serves as a specialist to identify, prioritize, and collaboratively mitigate cyber risk enterprise-wide. Candidate maintains the ability to be an analytical thinker, collaborative team player, an effective, dynamic communicator, and able to bridge the gap between business demands and cybersecurity requirements. Responsible for the following:

Plan, coordinate and conduct security risk assessments for information systems and third parties

Compose reports, assessments, and other documents to provide decision support on information security risks and controls for executives, system owners and management

Assess the likelihood and impact of adverse events and recommend effective controls and mitigations to management

Research, analyze and report on the cybersecurity risk of doing business with third parties

Facilitate the response and mitigation of third party security incidents

Support the continuous improvement and implementation of Information Security Policies, Standards, Processes, and Procedures

Contribute to the enhancement and implementation of the information security risks & controls library

Perform control assessments to determine if cybersecurity controls are effective and in compliance with applicable requirements

Establish and implement effective security awareness practices across the System, including training, phishing, and communications.

Keep pace with emerging technology, cyber threats, and industry trends around cybersecurity.

Assists and supports the Planning and Integration as well as Enterprise Information Security (EIS) Managers, Directors ensuring all projects and services meet Trinity Health Information Security and regulatory standards while delivering business requirements.

ESSENTIAL FUNCTIONS

Knows, understands, incorporates and demonstrates the Trinity Health (TH) Mission, Vision and Values in behaviors, practices and decisions.

Provides technical consultation and assistance in identifying, evaluating and documenting use of systems and other related services to ensure compliance with EIS policies.

Reviews various system and technical documents and applies security templates. Defines security configuration and operational standards for security systems and applications.

Interacts with vendors to ensure a cohesive client-vendor relationship that maintains and upholds services in the best interest of Trinity Health.

Contributes to the creation of department procedures, standards and documentation for all information security services. Utilizes excellent verbal and written communication skills.

Represents the EIS Director, when applicable, on EIS matters and serves as EIS liaison with RHM Security and Privacy Officials.

Participates in the development and promotion of Information Security information for general awareness.

Participates in site-specific meetings. Participates in the creation of the development and implementation of annual objectives and tactical plans to achieve strategic planning initiatives. Monitors or enforces security policies, procedures and standards to ensure conformance with TIS objectives.

Maintains a working knowledge of applicable Federal, State and local laws/regulations; the Trinity Health Integrity and Compliance Program and Code of Conduct; as well as other policies and procedures in order to ensure adherence in a manner that reflects honest, ethical and professional behavior.

MINIMUM QUALIFICATIONS

Bachelor’s degree or an equivalent combination of education and experience.

Minimum of three (3) years of progressive experience in Information Services including one (1) year in information security, including experience in compliance with federal and state security regulations

Certified Information Systems Security Professional (CISSP), International Social Security Association (ISSA), Certified Information Systems Auditor (CISA) or equivalent preferred.

Must possess a general understanding of enterprise security best practices relating to implementing and managing enterprise security solutions.

Working knowledge of one or more information security regulations and/or frameworks; i.e. HIPAA, ISO 27001/2, FISMA, FIPS, and NIST security.

Experience with administrative and technical assessments as well as enforcing organizational compliance.

Must be team oriented, supportive, and committed to excellence and possess high level of initiative and self-motivation with demonstrated work ethic.

Must be committed to continual personal and professional growth, possess a pro-active approach with a willingness to “go the extra mile” every time for the customer.

Ability to work under general direction, manage multiple priorities and to effectively adapt to rapidly changing technology and business needs with demonstrated ability to prioritize projects and work load.

A personal presence which is characterized by a sense of honesty, integrity and caring with the ability to inspire and motivate others to promote the philosophy, mission, vision, goals and values of Trinity Health.

PREFERRED SKILLS: Information security risk knowledge and serves as a specialist to identify, prioritize, and collaboratively mitigate cyber risk enterprise-wide. Candidate maintains the ability to be an analytical thinker, collaborative team player, an effective, dynamic communicator, and able to bridge the gap between business demands and cybersecurity requirements. Responsible for the following:

Plan, coordinate and conduct security risk assessments for information systems and third parties

Compose reports, assessments, and other documents to provide decision support on information security risks and controls for executives, system owners and management

Assess the likelihood and impact of adverse events and recommend effective controls and mitigations to management

Research, analyze and report on the cybersecurity risk of doing business with third parties

Facilitate the response and mitigation of third party security incidents

Support the continuous improvement and implementation of Information Security Policies, Standards, Processes, and Procedures

Contribute to the enhancement and implementation of the information security risks & controls library

Perform control assessments to determine if cybersecurity controls are effective and in compliance with applicable requirements

Establish and implement effective security awareness practices across the System, including training, phishing, and communications.

Keep pace with emerging technology, cyber threats, and industry trends around cybersecurity.

Assists and supports the Planning and Integration as well as Enterprise Information Security (EIS) Managers, Directors ensuring all projects and services meet Trinity Health Information Security and regulatory standards while delivering business requirements.

PHYSICAL AND MENTAL REQUIREMENTS AND WORKING CONDITIONS

Must be able to adapt to frequently changing work priorities, and be able to prioritize and balance the requirements of working with multiple members of the Enterprise Information Security team.

Must be able to communicate frequently, in person and over the phone, with people in a number of different locations on technical issues.

Manual dexterity is needed in order to operate a keyboard. Hearing is needed for extensive telephone and in person communication.

Our Commitment to Diversity and Inclusion

Trinity Health is one of the largest not-for-profit, Catholic healthcare systems in the nation. Built on the foundation of our Mission and Core Values, we integrate diversity, equity, and inclusion in all that we do. Our colleagues have different lived experiences, customs, abilities, and talents. Together, we become our best selves. A diverse and inclusive workforce provides the most accessible and equitable care for those we serve. Trinity Health is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other status protected by law.

Trinity Health is a family of 115,000 colleagues and nearly 26,000 physicians and clinicians across 25 states. Because we serve diverse populations, our colleagues are trained to recognize the cultural beliefs, values, traditions, language preferences, and health practices of the communities that we serve and to apply that knowledge to produce positive health outcomes. We also recognize that each of us has a different way of thinking and perceiving our world and that these differences often lead to innovative solutions.

Our dedication to diversity includes a unified workforce (through training and education, recruitment, retention, and development), commitment and accountability, communication, community partnerships, and supplier diversity.

EOE including disability/veteran
