EITS Security Risk Analyst B (Engagement)--Remote Job

Job43 – EITS Security Risk Analyst B (Engagement) Location: 100% Remote Max Submissions: 5 Proposed Start Date: ASAP Proposed End Date: 06/30/2026 Role Overview

• Serve as a liaison between the CISO’s strategic initiatives and the IT operational teams.
• Translate business IT risk requirements into technical control specifications.
• Develop risk metrics for performance measurement and reporting.
• Coordinate enterprise-level security and risk management efforts.
• Act as a subject matter expert (SME) on information security and regulatory compliance.

Key Responsibilities

Security & Risk Management

• Maintain and enforce the enterprise information security and risk management framework.
• Conduct risk analysis and develop mitigation strategies.
• Monitor and assess the enterprise threat landscape.
• Provide realistic risk reporting to the CISO and leadership teams.
• Track and document internal risk reviews, assessments, and exceptions using a GRC tool.

Governance & Compliance

• Document and maintain risk governance methodologies, policies, and procedures.
• Ensure compliance with:
• HIPAA
• * Joint Commission
• * DSRIP
• * COBIT
• * State privacy laws
• Conduct and support internal and external audits (operational, compliance, reputational, security).
• Serve as SME for EMR and PHI-related security risks.

Risk Assessments & Gap Analysis

• Perform enterprise security risk assessments and gap analyses for new technologies and products.
• Develop and manage risk remediation plans and work plans.
• Identify information asset owners for data classification initiatives.
• Support risk exception and risk acceptance documentation processes.

Technical & Cross-Functional Collaboration

• Partner with enterprise architecture teams to align business, technical, and security requirements.
• Collaborate with security engineering teams to implement security controls.
• Facilitate meetings between stakeholders and IT teams.
• Provide written and verbal reports to leadership and committees (including Operational Risk Committee).

Required Qualifications

Experience

• Minimum 7 years of IT experience
• At least 5 years in IT Security Risk Management / Risk Audit / Data Privacy Investigation
• Minimum 2 years in a supervisory capacity

Healthcare Industry Expertise (Required)

• Strong understanding of:
• EMR systems
• * PHI data privacy
• * Healthcare regulatory environment
• Experience with HIPAA, Joint Commission, CMS regulations

GRC & Security Framework Knowledge

• Hands-on experience with GRC tools (ServiceNow, Archer, MetricStream preferred)
• Working knowledge of:
• NIST CSF
• * HITECH
• * ISO 27001/27002
• * PCI DSS
• * COBIT

Technical Skills

• Experience reviewing IT solution requirements and implementing security controls
• Strong analytical and risk assessment skills
• Ability to design compensating controls for security vulnerabilities
• Ability to assess business impact of security tools and policies

Education & Certifications

• Bachelor’s degree in Information Systems or related field
• Preferred Certifications:
• CISSP
• * CISA
• * CRISC
• * Other relevant security certifications

Preferred Soft Skills

• High integrity and ability to work independently
• Strong communication and reporting skills
• Ability to work in fast-moving environments
• Experience participating in special projects
• Ability to support various locations and flexible shifts if required

Thanks & Regards Bhanu Prakash DeltaSoft Solutions [email protected] Apply tot his job Apply To this Job