Spclst IT Risk Mgmt

Northern Westchester Hospital, Melville, NY 11747

Posted 3 months ago

Job Description:

Strong vendor management experience required

In the role of I.T. Risk Management Analyst, you will collaborate with IT Security management in the development of enterprise Security assessment tools and policy and procedures. You will assess information risk and facilitate remediation of identified vulnerabilities with the Health System's Enterprise network, systems and applications. Lastly, you will report on findings and recommendations for corrective action.

Job Responsibilities Include:

  • Collaborates with IT Security management in the development of enterprise Security assessment tools and policy and procedures.

  • Performs vulnerability assessments as assigned utilizing I.T. Security tools and methodologies. Summarizes risk posture across the Health System or within specific business units.

  • Identifies opportunities to reduce risk within the Health System, detects and remediates vulnerabilities and ensures compliance and audit readiness.

  • Makes recommendations for corrective action and documents management decisions regarding acceptance or mitigation of risk scenarios.

  • Facilitates and monitors performance and compliance of risk remediation tasks. Reports on findings.

  • Liaises with Health System's partners and vendors regarding the security maintenance of their systems and applications.

  • Creates and presents changes related to risk mitigation to Change Authorization Board, as needed.

  • Provides weekly updates on project status, including outstanding issues.

  • Participates in the development of 'security awareness' education and training, as necessary.


  • High School Diploma or equivalent, required and minimum of eight (8) years progressively responsible information technology risk management experience, required.


  • Bachelor's Degree in Information Security or Audit or related field, required.


  • Minimum of five (5) years progressively responsible information security assessment or audit experience, required. Healthcare environment, preferred.

  • Certified in at least one of the following: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Security+, Global Information Assurance Certification (GIAC) or related certification, required.

  • Thorough knowledge and understanding of current information risk assessment techniques, required.

  • Familiarity with Federal and State compliance regulations including HIPAA, PCI-DSS and Meaningful Use, required.

  • Strong interpersonal and communication skills and the ability to work with all levels of management, required.

  • Project management skills, required.

Our Culture

Transforming care, optimizing patient satisfaction and creating better patient outcomes are just some of the things our talented team members are doing at North Shore-LIJ each and every day. As a culture committed to providing our customers with the highest quality service, we stand behind our core values: Patients first; Caring; Excellence; Innovation; Integrity and Teamwork. It is our commitment and our culture that sets us apart from others and is the cornerstone of everything we do. Join an organization whose team members are valued, cared for and offered continuous opportunities to grow. Click on the link to learn more about us: www.northshorelij.com/goals

Please note: North Shore-LIJ is a smoke-free environment. Smoking and the use of tobacco products are strictly prohibited anywhere on campus, including parking lots and outdoor areas on the premises. Free smoking cessation programs and quit medications are offered to team members who wish to quit through the North Shore-LIJ Center for Tobacco Control.
