Overview
CommonSpirit Health was formed by the alignment of Catholic Health Initiatives (CHI) and Dignity Health. With more than 700 care sites across the U.S. from clinics and hospitals to home-based care and virtual care services CommonSpirit is accessible to nearly one out of every four U.S. residents. Our world needs compassion like never before. Our communities need caring and our families need protection. With our combined resources CommonSpirit is committed to building healthy communities advocating for those who are poor and vulnerable and innovating how and where healing can happen both inside our hospitals and out in the community.
Responsibilities
This is a remote position.
Job Summary
The purpose of the Cybersecurity Analyst position is to support the Governance, Risk, and Compliance program’s risk assessment team for CommonSpirit. This program is responsible for cybersecurity risk and governance including vendor security risk assessments, application / software security risk assessments, and medical device security reviews.
The Cybersecurity Analyst, Risk Assessment position will report to the Manager, Governance, Risk and Compliance as part of the Risk Assessment team, performing risk assessments on various solutions, including internally hosted applications, vendor managed applications, software, IOT devices, software scripts, biomedical devices, etc. and communicating the risk of those solutions to our business partners and other stakeholders.
Essential Key Job Responsibilities:
- Performs intermediate cybersecurity risk assessment tasks.
- Supports and participates in development of risk assessment initiatives.
- Perform technical analysis of software and hardware, using security tools as needed.
- Prepare detailed reports and documentation on security assessments, findings, and remediation efforts.
- Communicate security risks and recommendations to stakeholders, including technical and non-technical audiences.
- Identifies opportunities for process improvements
- Collaborates with internal and external stakeholders
- Perform other job duties as required
Soft Skills Required:
- Strong analytical and problem-solving skills with attention to detail.
- Excellent communication skills, both written and verbal, with the ability to convey complex security concepts to non-technical stakeholders.
- Ability to work independently and manage multiple tasks effectively.
The ideal candidate will have experience with and knowledge of the following:
- Security tools such as Rapid7, Wireshark, malware scanners, and similar.
- Architecture security concepts, application security requirements and controls, secure coding practices (e.g. OWASP), powershell scripts, filtering and interpreting logs, vulnerability and threat intelligence concepts, etc
- Security Frameworks and compliance standards (e.g. CIS, NIST, ISO 27001, HITRUST, etc.)
- ServiceNow experience is also a plus.
Qualifications
- Bachelors Preferred
- 2-3 years job related experience required
Pay Range
$36.17 - $52.44 /hour