Senior Business Continuity Analyst
Wellstar Health System
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇺🇸 United States
Visit company websiteJob Level
Senior
Tech Stack
Cloud
About the role
- Performing privacy and security risk assessments
- Assessing third-party vulnerabilities and risk management, mitigating risks and vulnerabilities involved
- Conducting threat analysis on data privacy, system security and their related operational activities
- Planning risk responses as part of the security GRC cloud management process
- Analyzing scope of incident responses, as well as planning and executing their related activities
- Development and maintenance of the information security plan and associated policies
- Providing security policy updates, explanations, formal guidance, and related regulatory references
- Creating program documentation and workflows to support PCI, NIST CSF, HIPAA HITRUST and other information security compliance management programs
- Advising on information system security controls and standards, and their implementation
- Gathering and documenting data flows, system flows and process flow information
- Implementing information security governance, risk management and compliance
- Assessing Information privacy assurance compliance pre and post implementation
- Assessing security requirements of information assets pre and post implementation
- Modeling threats and quantifying risk appetites, and performing digital forensics
- Calculating and qualifying security, vulnerability and compliance risk ratings
- Conducting security investigations as well as privacy and security control assessments
- Carrying-out policy and security control exception analysis and exception request response
- Increase enterprise-wide security awareness and skill levels through planning and implementing large scale training and awareness programs and processes.
Requirements
- Bachelor's Degree
- 4+ years in information security, IT audit
- Strong attention to details and accuracy
- Analytical, verbal and written communication
- Expertise in performing System Security Plans (SSP)
- Third-party vendor contracting and risk management program leader
- Leader in incident response planning and execution management
- Ability to effectively work on multiple projects or tasks simultaneously
- Subject matter expertise in at least one of the following: Security awareness, privacy assessments, threat assessments, identity management/RBAC, endpoint security, and data loss prevention
- Knowledge leader of the HIPAA Security Rule, PCI DSS, NIST or ISO 270001/2
Benefits
- Competitive salary
- Flexible working hours
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
privacy risk assessmentsecurity risk assessmentthird-party vulnerability assessmentthreat analysisincident response planninginformation security governancedigital forensicssecurity compliance managementsecurity control assessmentdata loss prevention
Soft skills
attention to detailanalytical communicationverbal communicationwritten communicationproject managementleadershiptraining and awareness program implementation
Certifications
Bachelor's DegreeNIST CSFHIPAAHITRUSTPCI DSSISO 27001ISO 27002