Major Responsibilities:

• Conduct risk analysis of HIT applications containing electronic protected health information (ePHI) and Aurora's IT infrastructure.
• Conduct annual site assessments to identify risks and process gaps in the field.
• Maintain the HIT risk register to track identified risks and corrective action plans.
• Develop and maintain metrics to communicate IT risk, including a monthly report of Aurora's top risks for senior management review.
• Coordinate HIT efforts to implement appropriate controls to mitigate IT risk. Reviews risk status with senior leadership on a regular basis.
• Manage and enhance appropriate governance, risk management and compliance (GRC) processes and tools to efficiently manage HIT risk.
• Document security controls for all AAH systems, including but not limited to reviews of current HIT processes and procedures and provide assistance in analyzing and recommending improvements both to minimize risk, but also to guide process owners on potential paths for remediation.
• Coordinates all efforts to effectively identify, report and mediate all security control gaps and vulnerabilities.
• Position focused on automation; programming experience preferred
• Coding and Scripting experience preferred
• Java Script experience preferred

Education Required:

• Bachelor's Degree in Computer Science or related field.

Experience Required:

• Typically requires 3 years of experience in IT security, risk management, and information systems control frameworks (NIST, COBIT, ISO). In lieu of experience, a relevant, advanced certification from ISACA, ISC2, SANS, CompTia or other recognized industry certification body would be considered.

Knowledge, Skills & Abilities Required:

• Excellent organizational and project management skills with the ability to manage and complete multiple projects.
• Proven analytical and problem solving skills.
• Excellent communication skills including the ability to advise and communicate with individuals at all levels of the organization.
• Ability to lead cross-functional teams to improve HIT processes and mitigate risk.

#Remote

#LIRemote

#RiskGovernance

Preferred remote locations in IL, WI, NC, GA

Fully Remote Role from these states: AL, AK, AR, AZ, DE, FL, GA, IA, ID, IL, IN, LA, KS, KY, ME, MI, MO, MS, MT, NC, ND, NE, NH, NM, NV, OH, OK, PA, SC, SD, TN, TX, UT, VA, WI, WV, WY.
Due to complex requirements, remote work is NOT permitted for short or long periods in: CA, CO, CT, HI, MA, MD, MN, NJ, NY, OR, RI, VT, WA and working Internationally (this includes working while on vacation).

No relocation, No Sponsorship for this position.

Physical Requirements and Working Conditions:

• Position may require travel which may result in exposure to road and weather hazards.
• Exposed to normal office environment.
• Operates all equipment necessary to perform the job.

This job description indicates the general nature and level of work expected of the incumbent. It is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities required of the incumbent. Incumbent may be required to perform other related duties.