IS Project Leader-Security Risk Assesor/Analyst

• Full-time

Client is a leader in the healthcare industry responsible for almost 60% of all the hospitals and facilities in Illinois. Rated as one of the best healthcare companies in the country, they are revamping their IT Security department. They are looking for the best employees to help with this initiative and currently are hiring Security Risk Assessors. If you are looking to work for the best Healthcare company in the Midwest, then this is the job for you!

The Security Risk Assessor will be responsible for identifying, prioritizing, reporting, and tracking information technology and process security risks. Applying in-depth knowledge of regulatory requirements (HIPAA, PCI, etc.), industry trends, and Information Security best practices, this position will assess risk over a spectrum of technologies, from large and complex projects to smaller service-based initiatives. This position produces assessments with evidence and policy-based descriptions of identified risks as well as recommended options for remediating them. The Security Risk Assessor ensures that identified risks are centrally recorded with sufficient detail (e.g., ownership, priority, follow-up plans, and dates) to produce up-to-date profiles of enterprise risk status. The Security Risk Assessor will successfully articulate the risk profile and status to both technology and business leadership.

Apply proven methods of risk assessment in collaboration with business and IT stakeholders to identify, prioritize, and communicate security risk. Provide security requirements and guidance to business owners and Information Technology sponsors to ensure alignment to Information Security policy, process, and standards.

Minimum Requirements:

1. Bachelor’s degree appropriate to Cybersecurity discipline or equivalent combination of education and experience. Related certifications (e.g., CISSP, CISM, CISA) preferred.
2. 5 – 10 years of combined IT and security work experience with a broad range of exposure to business/systems analysis and security assessments.
3. In-depth knowledge of Information Security risks and one or more security frameworks (HIPAA, PCI, etc.) and industry best practices.
4. Working knowledge of technical areas such as data warehouses, mainframes, networks, applications, etc.
5. Experience in leading Information Services projects.
6. Experience in delivering formal presentations.
7. Excellent verbal and written communication skills.
8. Project Management Education.

All your information will be kept confidential according to EEO guidelines.