Security Risk Analyst (COB000001294)
New York, New York
Employer: Innova Solutions
Industry: Information Technology
Salary: $75 - $80 per hour
Job type: Full-Time
Innova Solutions is hiring an IT Security Risk Analyst for a hybrid role with a Healthcare client out of NYC.
Position: Full-time, Contract-to-Hire
Duration: 6 Months
Location: Hybrid out of NYC
***MUST have experience within the Healthcare Industry. Understand EMR systems (Epic, etc.) as well as data privacy issues related to PHI.
***Bachelor's Degree required
***Security Certs and any sort of supervisory experience are needed.
Looking to hire a Security Risk Analyst who will translate the IT-risk requirements and constraints of the business into technical control requirements and specifications, and develop metrics for ongoing performance measurement and reporting. They will also coordinate the IT organization's technical activities to implement and manage security.
The EITS Security Risk Analyst will interface between the CISO's strategic and process-based activities and the work of the technology-focused analysts, engineers and administrators in the IT organization.
The Security Risk Analyst must be able to translate the IT-risk requirements and constraints of the business into technical control requirements and specifications, as well as develop metrics for ongoing performance measurement and reporting.
The Security Risk Analyst coordinates the IT organization's technical activities to implement and manage security.
The EITS Security Risk Analyst is part of the Enterprise Information Technology Services, Information Security and Risk Management team and will work at an enterprise level to ensure a consistent delivery of information security and risk management services.
This individual will act as a subject matter expert to the assigned business units on matters regarding information security and compliance with HIPAA, Joint Commission, DSRIP, COBIT, and state privacy laws.
General Tasks and Responsibilities Will Include:
• Support Information Security and Risk Management by maintaining and enforcing the Information Security and risk management framework/methodology, including execution of risk analysis and risk mitigation strategies.
• Manage the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing the CISO with a realistic overview of risks and threats in the enterprise environment.
• Exhibit best practice risk management skills through effective internal risk controls, risk monitoring, risk assessment and improvement of risk management processes.
• Document and maintain the enterprise security risk governance methodology and risk management policy, process, and procedure.
• Work with various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation.
• Organize and perform the enterprise security risk assessment and gap analysis for all technologies, products, and functions introduced, including maintaining risk project work plans to measure and manage progress.
• Track and document all internal risk reviews, assessments, risk acceptances, and security exceptions in a GRC tool.
• Work with the enterprise architecture team to ensure that there is a convergence of business, technical and security requirements; liaise with IT management to align existing technical installed base and skills with future architectural requirements.
• Develop a strong working relationship with the security engineering team to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements.
• Serve as the information security liaison and subject matter expert for all relevant EMR and PHI related security risk.
• Conduct or participate in all relevant audits and risk assessment activities (whether operational risk, legal/compliance risk, reputational risk, or information security risk).
• Aid in the planning and execution of risk remediation activities including the identification of practical, cost effective solutions.
• Facilitate team meetings between stakeholders, project leaders, and the Information Technology teams.
• Attend regular team, management, and project meetings and provide both verbal and written reports to the Leadership Team as required. This may include coordination with and support of an Operational Risk Committee.
• Keep informed on current threats and industry regulations.
Knowledgeable In:
• Healthcare industry experience required with understanding of EMR systems and data privacy issues related to PHI
• Experience with reviewing IT solution requirements and security controls implementation
• A strong understanding of the business impact of security tools, technologies and policies.
• Knowledge and experience working with a GRC Software tool
• Strong working knowledge of HIPAA, Joint Commission, CMS, and other regulatory legislation pertinent to the healthcare industry
• Working knowledge of information security frameworks such as NIST CSF, HITECH, ISO27001/27002, PCI DSS and COBIT
• Experience in conducting and responding to information security assessments and audits.
• Strong analytical skills and the ability to resolve complex security vulnerabilities and design compensating controls
Other Preferred Skills:
• Must possess a high degree of integrity and trust along with the ability to work independently
• Participate in special projects as needed and perform other duties as assigned
• Must be able to work independently as well as work as part of a fast-moving team
• Must be able to work at various locations when necessary along with working various shifts
Educational Level:
• A bachelor's degree in information systems
• CISSP, CISA, CRISC or other relevant security qualification
Years Of Experience:
• A minimum of seven years of IT experience, at least 5 years dedicated to IT Security Risk Management, Risk Audit/Assessment, and/or Security and/or Data Privacy Investigation, and at least two years in a supervisory capacity.
PAY RANGE AND BENEFITS:
Pay Range*: $75-80/hr W2.
*Pay range offered to a successful candidate will be based on several factors, including the candidate's education, work experience, work location, specific job duties, certifications, etc.
Benefits: Innova Solutions offers benefits (based on eligibility) that include the following: Medical & pharmacy coverage, Dental/vision insurance, 401(k), Health saving account (HSA) and Flexible spending account (FSA), Life Insurance, Pet Insurance, Short term and Long term Disability, Accident & Critical illness coverage, Pre-paid legal & ID theft protection, Sick time, and other types of paid leaves (as required by law), Employee Assistance Program (EAP).
ABOUT INNOVA SOLUTIONS: Founded in 1998 and headquartered in Atlanta, Georgia, Innova Solutions employs approximately 50,000 professionals worldwide and reports an annual revenue approaching $3 Billion. Through our global delivery centers across North America, Asia, and Europe, we deliver strategic technology and business transformation solutions to our clients, enabling them to operate as leaders within their fields.
Website: https://www.innovasolutions.com/
Innova Solutions is an Equal Opportunity Employer and prohibits any kind of unlawful discrimination and harassment. Innova Solutions is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment on the basis of race, color, religion or belief, national origin, citizenship, social or ethnic origin, sex, age, physical or mental disability, veteran status, marital status, domestic partner status, sexual orientation, or any other status protected by the statutes, rules, and regulations in the locations where it operates. If you are an individual with a disability and need a reasonable accommodation to assist with your job search or application for employment, please contact us at hr@innovasolutions.com or (770) 493-5588. Please indicate the specifics of the assistance needed. Innova Solutions encourages all interested and qualified candidates to apply for employment opportunities. Innova Solutions (HireGenics/Volt) does not discriminate against applicants based on citizenship status, immigration status, or national origin, in accordance with 8 U.S.C. § 1324b.
The company will consider for employment qualified applicants with arrest and conviction records in a manner that complies with the San Francisco Fair Chance Ordinance, the Los Angeles Fair Chance Initiative for Hiring Ordinance, and other applicable laws.
Created: 2024-09-13
Reference: 983420
Country: United States
State: New York
City: New York
ZIP: 10036