Senior Information Security & Cyber Risk Analyst (Compliance, CISSP, CISM, CBCP, CHPS, CISA, HI[...]
Company: DBA Web Technologies
Location: Washington
Posted on: November 16, 2024
Job Description:
Senior Information Security & Cyber Risk Analyst (Compliance,
CISSP, CISM, CBCP, CHPS, CISA, HIPAA, NIST CSF) in Vancouver,
WALocation: Vancouver, WADuration: Full-Time Permanent position (no
contracts, no corp to corp, no remote)Salary: Excellent
Compensation with benefits + relocation + interview travelSKILLS:
Information Security, Cyber Risk, Compliance, Security Frameworks,
NIST CSF, HIPAA, CISSP, CISM, CBCP, CHPS, CISASCREENING
QUESTIONS:
- Do you have at least five years of experience in managing
information security, cyber risk, and/or compliance related
activities?
- Do you have healthcare experience?
- Do you have experience working with security frameworks (e.g.,
NIST CSF, HIPAA)?
- Do you have experience in information security
investigations?
- Do you have demonstrated experience across information security
and cyber risk domains?DESCRIPTION:JOB SUMMARY:Responsible for
planning and implementation of information security and cyber risk
policies, procedures, standards, and controls across PeaceHealth.
Facilitates cyber risk management activities, security risk
assessments, and information security awareness. Evaluates ongoing
use and performance of information security programs and processes.
Provides support for internal and external security assessments,
including gathering and discussing evidence, and tracking
remediation responses and activities.ESSENTIAL FUNCTIONS:
- Collaborates with functional teams on cyber risks and
PeaceHealth information security initiatives. Solicits involvement
of senior management and leaders to achieve cyber risk management
objectives through information sharing and collaboration to support
timely resolution and risk mitigation.
- Leads and supports enterprise-wide information security and
cyber risk assessments with technical and non-technical teams.
- Proactively identifies and develops recommendations to
information security and cyber risk issues and vulnerabilities by
working with multiple teams including privacy, compliance, internal
audit, legal, HR, information technology, etc.
- Serves as an advisor and subject matter expert on identified
information security and cyber risk issues, projects, or any other
PeaceHealth initiative that may have an information security
implication.
- Facilitates information security committees and work groups,
including scheduling, coordination, follow up, status reports and
report outs.
- Performs cyber management activities, security risk
assessments, security related investigations, and provides
information security awareness. Conducts internal security and
confidential information investigations and information usage
security audits.
- Develops and maintains relevant cyber risk metrics to promote
transparency across the PeaceHealth communities we serve. Measures,
monitors and reports on information security risks via security
governance committees and other ad hoc meetings at
PeaceHealth.
- Promotes information security education and awareness across
PeaceHealth.
- Performs other duties as assigned.EDUCATION:
- Bachelor's Degree in Information Systems, Information
Technology, Computer Science, Information Security, or relevant
field; OR
- Equivalent knowledge and skills obtained through a combination
of education, training, and experience
required.EXPERIENCE/TRAINING:
- Minimum of 5+ to 7 years of experience in managing information
security, cyber risk, and/or compliance related activities
required.
- Experience working with security frameworks (e.g., NIST CSF,
HIPAA) required.
- Demonstrated experience across information security and cyber
risk domains required.
- Health care experience preferred.
- Experience in information security investigations
preferred.LICENSES/CERTIFICATIONS:
- CISSP, CISM, CBCP, CHPS, CISA, or equivalent certification
required.
- Must obtain one of these certifications within 12 months from
hire date if not obtained at time of
hire.KNOWLEDGE/SKILLS/ABILITIES:
- Excellent project management, written and oral communications
skills.
- Ability to present information in various forms such as
textual, graphical and statistical.
- Ability to collect and analyze data to guide decision making
while under potentially intense pressure to address security
incidents.
- Demonstrated ability to work collaboratively with a broad range
of constituencies and respond to their needs and collaborate
effectively towards solutions.
- Ability to work on matters of high sensitivity and
confidentiality with both professionalism and discretion.
- Ability to work independently with limited supervision and
guidance.
- Proficient in standard software programs (i.e., Microsoft
products, Windows and Outlook).
#J-18808-Ljbffr
Keywords: DBA Web Technologies, Tuckahoe , Senior Information Security & Cyber Risk Analyst (Compliance, CISSP, CISM, CBCP, CHPS, CISA, HI[...], Professions , Washington, Virginia
Didn't find what you're looking for? Search again!
Loading more jobs...