*Overview*
CommonSpirit Health was formed by the alignment of Catholic Health Initiatives (CHI) and Dignity Health. With more than 700 care sites across the U.S. from clinics and hospitals to home-based care and virtual care services CommonSpirit is accessible to nearly one out of every four U.S. residents. Our world needs compassion like never before. Our communities need caring and our families need protection. With our combined resources CommonSpirit is committed to building healthy communities advocating for those who are poor and vulnerable and innovating how and where healing can happen both inside our hospitals and out in the community.
*Responsibilities*
This is a remote position.
- Job Summary* The purpose of the Cybersecurity Senior Risk Assessment Analyst position is to support the Governance, Risk, and Compliance program’s risk assessment team. This program is responsible for cybersecurity risk and governance including vendor security risk assessments, application / software security risk assessments, and medical device security reviews.
The Senior Risk Assessment Analyst position will report to the Manager, Governance, Risk and Compliance as part of the Risk Assessment team, performing risk assessments on various solutions, including internally hosted applications, vendor managed applications, software, IOT devices, software scripts, biomedical devices, etc. and communicating the risk of those solutions to our business partners and other stakeholders.
*Job Responsibilities*
- Performs *intermediate and advanced *vendor, biomed device, and/or application security risk assessments and related tasks.
- Participates in risk assessment program strategy design and leads risk assessment initiatives.
- Identifies, scores, documents, and reports on cybersecurity risks identified during the assessment process.
- Actively contributes to the administration, maintenance and improvements of CommonSpirit Health’s risk assessment program.
- May act as an escalation point for risk assessments.
- Identifies and drives process improvement.
- Collaborates with both internal and external stakeholders.
- Performs other job duties as required.
*Qualifications*
- Bachelors Preferred
- 4-5 years cybersecurity risk assessment or audit experience required
The ideal candidate will have experience with and knowledge of the following:
- Security tools such as Rapid7, Splunk, and similar.
- Architecture security concepts, application security requirements and controls, secure coding practices (e.g. OWASP), etc
- Security Frameworks and compliance standards (e.g. CIS, NIST, ISO 27001, HITRUST, etc.)
- ServiceNow experience is a plus.
Soft Skills Required
- Strong analytical and problem-solving skills with attention to detail.
- Excellent communication skills, both written and verbal, with the ability to convey complex security concepts to non-technical stakeholders.
- Ability to work independently and manage multiple tasks effectively.
*Pay Range*
$44.83 - $65.00 /hour
