<< Return to Search Results
Information Security Analyst – Risk
Atlanta, Georgia 30339
6+ Month Contract
This client is one of the largest and fastest growing health systems across GA. With this, the Governance, Risk and Compliance team at this client has quickly and consistently grown to support the organization’s increased needs. The team is looking for an additional team member to support the performance of risk assessments of internal and external applications/solutions, determining the adherence to the company’s policies, standards, and industry best practices. This supplemental support will allow current team members to take on responsibilities associated with a system-wide initiative, allowing for continued operational efficiency during this exciting and dynamic time.
- Bachelor's degree in Information Security of related field required
- In lieu of degree, four (4) years of relevant work experience will be accepted in addition to the experience requirements.
- If no degree, a total of 6 years of experience is required.
- Two (2) or more years of risk assessment experience.
- Two (2) years of experience in Information Security or a closely related field involving Security and regulations (such as HIPAA, PCI-DSS 3.2, ISO 27001, HITRUST, and NIST) with a solid understanding of network security protocols and methodologies. With this, the individual is expected to leverage his/her Information Security Policy experience to assist in the review and maturation of the existing policy to align with industry standard.
- Vendor risk management experience preferred, specifically as it relates to risk assessments and product assessments.
- Skill and ability in Microsoft Office applications.
- Working knowledge of GRC automated tools (e.g. RSAM).
- Proficient in the design and implementation of effective Information Security controls.
- Solid understanding of the Information Security & IT controls, Service Organization Controls (SOC), penetration and vulnerability assessments.
- Demonstrated knowledge of generally known information technology platforms, standards, and software development languages.
- Healthcare experience preferred.
- Certified in one or more of the following area(s):
- Certified Information Systems Security Professional (CISSP)
- Healthcare Certified Information Security and Privacy Professional (HCISPP)
- GIAC Security Essentials Certified (GSEC)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Systems Auditor (CISA) or equivalent certification
- Strong project management skills with leadership experience in an IT Support Organization preferred.
- Ensures the integrity and protection of networks, systems and applications by technical enforcement of organization security policies, through the performance of formal Risk Assessments, Policy Governance and internal Threat Analysis.
- Performs periodic and on-demand system and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
- Assists in the 60-70 backlogged assessments in process.
- Interacts with vendor resources ad key stakeholders to ensure assessment completion.
- Tracks or utilizes automated Governance, Risk and Compliance tools to track artifacts of the risk management lifecycle.
- Responsible for information security preparedness, policies, practices, and identifying and mitigating information security risks to applications, systems, infrastructure, and data on behalf of the client's business areas
- Assists in creating and maintaining corrective action plans resulting from risk assessments and audit initiatives.
- Assists in department self-audit, internal audit, external audit reviews, and risk assessments for the department and for end user departments.
Brooksource provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, national origin, age, sex, citizenship, disability, genetic information, gender, sexual orientation, gender identity, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state, and local laws.