drjobs Security Analyst GRC

Employer Active

1 Vacancy
drjobs

Job Alert

You will be updated with latest job alerts via email
Valid email field required
Send jobs
Send me jobs like this
drjobs

Job Alert

You will be updated with latest job alerts via email

Valid email field required
Send jobs
Job Location drjobs

Chicago - USA

Monthly Salary drjobs

Not Disclosed

drjobs

Salary Not Disclosed

Vacancy

1 Vacancy

Job Description

The Security Analyst reflects the mission vision and values of NM adheres to the organizations Code of Ethics and Corporate Compliance Program and complies with all relevant policies procedures guidelines and all other regulatory and accreditation standards.

Responsibilities:

  Perform third party risk management including cybersecurity risk assessments to ensure third party partners meet NM requirements.

Collaborate with third party partners and internal departments to ensure NM security requirements are being adhered to.

Examine third party contracts to ensure the accuracy of cybersecurity language and provisions.

Perform annual third party partner cybersecurity assessments and create accompanying reports and audits.

Participate in HIPAA PCI and security assessments.

Analyze archectual diagrams and recommend security measures to safeguard valuable information assets including third party solution diagrams.

Perform risk assessments on cloud services applications servers mobile devices medical devices and IT resources.

Perform annul security policy reviews to keep policies up to date with the changing technologoies and services.

Follow up with IS teams to ensure risk assessments are updated in the GRC tracking tool.

Perform daily operational tasks required for the department to protect NMs assets. Tasks range from (but are not limited to):

o Respond to daily security tickets / requests

o On call rotation

AA/EOE.

 

COMPETENCIES / PERFORMANCE EXPECTATIONS

Third party risk management proficiency

Famaliarity of HIPAA Security and Privacy Rules

Understanding of cybersecurity contract language

Security operations experience

 PCI

QUA


Qualifications :

Required:

  • Bachelors degree or equivalent work experience
  • Two or more years of professional IT experience including Cyber Security
  • Working knowledge of the following subjects:
    • Network (protocols topologies)
    • Security controls (proxies IPS IDS Firewall and packet analyzers)
    • Systems (Windows Linux/UNIX)
    • Software development (development / scripting langages)
    • Incident Response
    • Threat and Vulnerability Management
  • Experience and knowledge of at least two of the major security vendors relevant to the position.
  • Working knowledge of Security Standards/Controls specified under various IT governance and compliance models (NIST HIPAA PCI ISO 27001&27002 ITIL).
  • Excellent problem solving skills
  • Demonstrated timely task completion involving solid organizational skills task tracking followup and productive peer interaction.
  • Excellent verbal and written communication skills.

Preferred:

  • Certification or courses: Associate of (ISC)/CISSP GSEC GCWN GCED or CEH a plus


Additional Information :

Northwestern Medicine is an affirmative action/equal opportunity employer and does not discriminate in hiring or employment on the basis of age sex race color religion national origin gender identity veteran status disability sexual orientation or any other protected status.


Remote Work :

No


Employment Type :

Fulltime

Employment Type

Full-time

Company Industry

Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.