Information Security GRC Analyst II - Informati...

@ Talentify.io

About Information Security GRC Analyst II - Information Solutions

This is an exciting opportunity to advance your career in a mission-driven organization within the healthcare information security industry. You will work in a collaborative environment focused on supporting academic, research, and healthcare missions while protecting sensitive information assets.

Key Responsibilities

• Develop, maintain, and communicate security policies, standards, procedures, and guidelines.
• Conduct information security risk assessments and business impact analyses.
• Monitor and assess compliance with HIPAA/HITECH and the NIST Cybersecurity Framework.
• Coordinate and support internal and external audits and assessments.
• Maintain documentation of security controls, processes, and procedures.

Qualifications

A Bachelor’s degree in information security, information assurance, computer science, cybersecurity, risk management, or a related field is required. Candidates should have a minimum of 2 years of IT security experience with a Bachelor’s degree or 4-7 years of hands-on experience in information security, GRC, compliance, audit, or related IT experience. A solid understanding of information security risk concepts and assessment methodologies, strong communication skills, and proficiency with GRC tools are essential.

Preferred Qualifications

• Experience with compliance requirements in academic medical centers.
• Familiarity with NIST Cybersecurity Framework 2.0 and NIST SP 800-53 controls.
• Experience conducting risk assessments in healthcare or higher education environments.
• Experience with GRC platforms such as ServiceNow GRC.
• Advanced certifications such as CISSP, CCSP, or GIAC Security Essentials (GSEC).

Key skills/competency

Information Security, GRC, Compliance, Risk Assessment, HIPAA, NIST, Audit, Documentation, Communication, Healthcare