Specialist, IT Risk Mgmt
Melville, NY

Job Description

Job Description

In the role of I.T. Risk Management Analyst, you will collaborate with IT Security management in the development of enterprise Security assessment tools and policy and procedures. You will assess information risk and facilitate remediation of identified vulnerabilities with the Health System's Enterprise network, systems and applications. Lastly, you will report on findings and recommendations for corrective action.

Job Responsibilities Include:

* Collaborates with IT Security management in the development of enterprise Security assessment tools and policy and procedures.


* Performs vulnerability assessments as assigned utilizing I.T. Security tools and methodologies. Summarizes risk posture across the Health System or within specific business units.
* Identifies opportunities to reduce risk within the Health System, detects and remediates vulnerabilities and ensures compliance and audit readiness.
* Makes recommendations for corrective action and documents management decisions regarding acceptance or mitigation of risk scenarios.
* Facilitates and monitors performance and compliance of risk remediation tasks. Reports on findings.
* Liaises with Health System's partners and vendors regarding the security maintenance of their systems and applications.
* Creates and presents changes related to risk mitigation to Change Authorization Board, as needed.
* Provides weekly status on project status, including outstanding issues.
* Participates in the development of 'security awareness' education and training, as necessary.

Qualifications

* High School Diploma or equivalent, required and minimum of eight (8) years progressively responsible information technology risk management experience, required.

OR

* Bachelor's Degree in Information Security or Audit or related field, required.

AND

* Minimum of five (5) years progressively responsible information security assessment or audit experience, required. Healthcare environment, preferred.
* Certified in at least one of the following: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Security+, Global Information Assurance Certification (GIAC) or related certification, required.
* Thorough knowledge and understanding of current information risk assessment techniques, required.
* Familiarity with Federal and State compliance regulations including HIPPA, PCI-DSS and Meaningful Use, required.
* Strong interpersonal and communication skills and the ability to work with all levels of management, required.
* Project management skills, required.

Our Culture

Transforming care, optimizing patient satisfaction and creating better patient outcomes are just some of the things our talented team members are doing at North Shore-LIJ each and every day. As a culture committed to providing our customers with the highest quality service, we stand behind our core values: Patients first; Caring; Excellence; Innovation; Integrity and Teamwork. It is our commitment and our culture that sets us apart from others and is the cornerstone of everything we do. Join an organization whose team members are valued, cared for and offered continuous opportunities to grow. Click on the link to learn more about us: www.northshorelij.com/goals

Please note: North Shore-LIJ is a smoke-free environment. Smoking and the use of tobacco products is strictly prohibited anywhere on campus, including parking lots and outdoor areas on the premises. Free smoking cessation programs and quit medications are offered to team members who wish to quit through the North Shore-LIJ Center for Tobacco Control.