Information Security Risk Analyst II - IT Risk

Remote Full-time
About the position Join Novant Health's Information Technology team as an Information Security Risk Analyst, on the IT Governance, Risk, and Compliance (IT GRC) team, where you'll play a critical role in safeguarding our information systems and supporting our mission to deliver remarkable care. Schedule: 8:00AM - 5:00PM (On call support required, as needed). Location: Remote Department: ETS - Information Security. Responsibilities • Monitor and assess IT & security risks across information systems throughout their lifecycle. • Perform ongoing assessment of IT controls to ensure they are operating effectively and efficiently. • Identify and document sensitive data stored, transmitted, or processed within systems. • Enforce security principles such as least privilege and least functionality. • Provide actionable insights to senior leadership to support risk-informed decision-making. • Develop and maintain risk management procedures, including evaluating the significance of identified risks, defining acceptable mitigation strategies and risk tolerance, establishing ongoing risk monitoring practices, and ensuring effective oversight of the risk management strategy. Requirements • 4 Year / Bachelor's Degree, required. • Minimum three years Information Security Risk Analysis, Information Security, required. • (CRISC) and (CompTIA Security+ or CompTIA Healthcare IT Tech) or equivalent. (Two cert req), required. • Intermediate knowledge of risk management processes. • Intermediate knowledge of national laws, regulations, policies, and ethics as they relate to cybersecurity. • Intermediate knowledge of cybersecurity principles. • Intermediate knowledge of cyber threats and vulnerabilities. • Basic knowledge of cyber defense mitigation techniques and vulnerability assessment tools. • Intermediate knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins. • Intermediate knowledge of information assurance (IA) principles. • Intermediate knowledge of current industry methods for evaluating, implementing, and disseminating IT security assessment tools. • Intermediate knowledge of new and emerging IT and cybersecurity technologies. • Intermediate knowledge of the organization's enterprise IT goals and objectives. • Intermediate knowledge of the organization's core business/mission processes. • Intermediate knowledge of Personally Identifiable Information (PII) and Payment Card Industry (PCI) data security standards. • Intermediate knowledge of applicable laws relevant to work performed. • Basic knowledge of IT supply chain security and risk management policies. • Intermediate skill in evaluating the trustworthiness of the supplier and/or product. • Intermediate knowledge of relevant laws, policies, procedures, or governance related to work impacting critical infrastructure. • Intermediate knowledge of information classification programs and procedures for information loss. • Interpersonal communication skill, both written and oral. • Attention to detail and organization skills. • Analysis and critical thinking skills. • Ability to develop productive working relationships with business and technical groups. • Ability to effectively prioritize multiple responsibilities. • Ability to take direction as well as work with a moderate degree of independence. • Ability to work as a member of a team. • Ability to eagerly seize responsibility and ownership for assigned tasks. • Ability to drive/travel to multiple locations/facilities as needed. Nice-to-haves • Basic knowledge of information security architecture principles. • Basic knowledge of incident response methodologies. • Basic knowledge of security tools (IDS, FIM, Vulnerability Scanner, SIEM, Forensics, Network Mapping, Penetration Testing, Encryption, etc.). • Basic knowledge of penetration testing methods. • Basic knowledge of systems testing and evaluation methods.Apply Now

Apply Now
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Director Medical Affairs Operations

Remote

Assistant Community Manager - Cadence Cool Springs in Franklin, TN

Remote

Environmental Analyst II - Sr Lead

Remote

Associate Attorney - General Liability - Complex Liability - Catastrophic Loss

Remote

Customer Service Representative - Dental & Vision Benefits Specialist | Remote Position in Nebraska

Remote

Assistant General Counsel, Treasury – Global Trade Transactions

Remote

Partner Growth Specialist (Inside Sales), West Coast

Remote

Walgreens Pharmacy Tech Job Application $25/Hour

Remote

Experienced Online Chat Customer Service Representative – Part-Time Work from Home Opportunity with arenaflex – No Prior Experience Required

Remote

**Experienced Entry-Level Data Entry Operator – Flexible Part-Time Remote Opportunity**

Remote
← Back