Montefiore Medical Center
Overview
City/State:
Yonkers, New York
Grant Funded:
No
Department:
MIT - Information Security Governance
Work Shift:
Day
Work Days:
MON-FRI
Scheduled Hours:
8:30 AM-5 PM
Scheduled Daily Hours:
7.5 HOURS
Pay Range:
$107,280.00-$134,100.00
The Security Risk Management Analyst will be responsible for ensuring the organization's data remains secure and all risks, vulnerabilities and defects are managed, tracked and remediated according to policy and/or best practices. The Information Security Risk Management Analyst must have experience with risk management concepts and processes. The Information Security Risk Management Analyst will be responsible for ensuring the organization remains secure and that all identified gaps are managed.
Responsibilities
Coordinate and facilitate the risk management program within specified policy, standard and procedures.
Communicate with auditors and regulators during compliance and regulatory reviews
Participate in information security audits ensuring technical compliance with security related regulatory requirements (HIPAA, PCI, etc.)
Collaboratively work with peers to ensure operational excellence
Contribute to risk assessments
Identify and prioritize risk based on impact and likelihood
Work directly with key business leaders to facilitate information risk analysis and risk management processes, identify acceptable levels of risk, and establish roles and responsibilities with regards to information risk management
Execute the organization's risk procedures
Evaluate the results of the vendor assessment
Maintain risk registries
Maintain and monitor Information Security Risk Exception process to ensure identification of areas of non-compliance
Qualifications
Experience in creating and maintaining cybersecurity policies tailored to organizational needs.
Experience in identifying and assessing potential risks, developing risk mitigation strategies, and analyzing risk trends.
Experience conducting IT Risk Security Assessments.
Familiarity with industry regulations and standards: NIST, HIPAA, PCI.
Understanding of cybersecurity laws, regulations, and the implementation of security controls.
Experience managing risks associated with third-part vendors.
#SF-DICE
#SF-LI-SC
Montefiore Health System, Inc. is an equal employment opportunity employer. Montefiore Health System, Inc. will recruit, hire, train, transfer, promote, layoff and discharge associates in all job classifications without regard to their race, color, religion, creed, national origin, alienage or citizenship status, age, gender, actual or presumed disability, history of disability, sexual orientation, gender identity, gender expression, genetic predisposition or carrier status, pregnancy, military status, marital status, or partnership status, or any other characteristic protected by law.
#J-18808-Ljbffr
Yonkers, New York
Grant Funded:
No
Department:
MIT - Information Security Governance
Work Shift:
Day
Work Days:
MON-FRI
Scheduled Hours:
8:30 AM-5 PM
Scheduled Daily Hours:
7.5 HOURS
Pay Range:
$107,280.00-$134,100.00
The Security Risk Management Analyst will be responsible for ensuring the organization's data remains secure and all risks, vulnerabilities and defects are managed, tracked and remediated according to policy and/or best practices. The Information Security Risk Management Analyst must have experience with risk management concepts and processes. The Information Security Risk Management Analyst will be responsible for ensuring the organization remains secure and that all identified gaps are managed.
Responsibilities
Coordinate and facilitate the risk management program within specified policy, standard and procedures.
Communicate with auditors and regulators during compliance and regulatory reviews
Participate in information security audits ensuring technical compliance with security related regulatory requirements (HIPAA, PCI, etc.)
Collaboratively work with peers to ensure operational excellence
Contribute to risk assessments
Identify and prioritize risk based on impact and likelihood
Work directly with key business leaders to facilitate information risk analysis and risk management processes, identify acceptable levels of risk, and establish roles and responsibilities with regards to information risk management
Execute the organization's risk procedures
Evaluate the results of the vendor assessment
Maintain risk registries
Maintain and monitor Information Security Risk Exception process to ensure identification of areas of non-compliance
Qualifications
Experience in creating and maintaining cybersecurity policies tailored to organizational needs.
Experience in identifying and assessing potential risks, developing risk mitigation strategies, and analyzing risk trends.
Experience conducting IT Risk Security Assessments.
Familiarity with industry regulations and standards: NIST, HIPAA, PCI.
Understanding of cybersecurity laws, regulations, and the implementation of security controls.
Experience managing risks associated with third-part vendors.
#SF-DICE
#SF-LI-SC
Montefiore Health System, Inc. is an equal employment opportunity employer. Montefiore Health System, Inc. will recruit, hire, train, transfer, promote, layoff and discharge associates in all job classifications without regard to their race, color, religion, creed, national origin, alienage or citizenship status, age, gender, actual or presumed disability, history of disability, sexual orientation, gender identity, gender expression, genetic predisposition or carrier status, pregnancy, military status, marital status, or partnership status, or any other characteristic protected by law.
#J-18808-Ljbffr