Senior Cyber Risk Analyst

Brief Job Description

The Information Security Cyber Risk Analyst performs security risk assessments of third parties and their solutions to ensure that it meets the information security standards adhered to by the client. The security risk assessment is documented in a report that includes an overview of the vendor, technical description of the solution, risks that have been identified, and how they will be addressed. This same individual will have another task surrounding account validation.

Top Skills' Details

1. Third Party Risk Management / Risk Assessments of 3rd party applications (GRC tools - Working understanding of security concepts and tools (LogicGate / Archer / ServiceNow GRC) used to detect or prevent potential threats, including controls related to Identity and Access Management, Data Security, Network security, and Endpoint Protection.) Working understanding of risk management frameworks, methodologies, and their application.

2. Data Analysis - Working knowledge of SailPoint and Active Directory to pull in data to excel for further validation. This individual will help with UAR (User Access Reviews) / identifying stale / duplicate accounts.

3. Communication - This person will be the first line of defense for the organization and will be representing Cybersecurity in the face of both internal stakeholders and external vendors. Will interact with the CISO of the company as well as Cybersecurity Directors.

4. Local to Houston. Although a fully remote position, the CISO has directed this team to prioritize local talent.

Why is the position open

They are adding to the team and hoping this individual can also perform UARs.

Work Environment

This position is 100% remote. These consultants would be a part of a 4 person team including a team lead and they report to the director of Cyber Risk and IAM. They prefer camera on when in meetings virtually.

Employee Value Proposition (EVP)

The healthcare client's Risk & Security team, although remote, interact with each other and have a great culture. The hospital system is located in the largest medical center in the world and they have large multi-million-dollar projects in pipeline. The security team has a weekly touchpoint with the CISO and so this position has C level visibility. The client is looking to convert this role FTE.

Business Drivers / Customer Impact

This GRC / Risk Analyst meets with internal stakeholders and 3rd party vendors to ensure all security controls are being met when implementing new applications and technologies. They will also be validating accounts through Active Directory post migration from Cerner to Epic. Any duplicate accounts will be identified and taken care of.

Description

• Client is prioritizing local candidates in Houston, Texas.

The healthcare client's Information Security Cyber Risk Analyst performs security risk assessments of third-parties and their solutions to ensure that it meets the information security standards adhered to by MH. The security risk assessment is documented in a report that includes an overview of the vendor, technical description of the solution, risks that have been identified, and how they will be addressed. The final report is approved by Cyber Risk leadership and presented to all stakeholders to communicate the risk level to the organization. Late last year the organization successfully migrated to Epic. They are at about 7 / 10 risk maturity level, Governance / policy has been set up to effectively categorize risk. Compliance is what they are looking to improve by automating, implementing, and validating more controls starting within the identity / access controls layer. They have multiple identity (Active Directory) accounts they are looking to consolidate post Epic migration. Account provisioning for Epic was done via SailPoint.

This Risk Analyst will :

Responsibilities / Duties

Skills

third party risk, risk assessment, active directory, cyber risk, user access reviews, cissp, cism, cisa, cyber security, risk management, nist, hipaa, Security controls, sailpoint

Top Skills Details

third party risk,risk assessment,active directory,cyber risk,user access reviews

Additional Skills & Qualifications

Qualifications / Certifications

Experience Level

Expert Level

Pay and Benefits

The pay range for this position is $50.00 - $65.00

Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following :

Workplace Type

This is a fully remote position.

Application Deadline

This position will be accepting applications until Jan 30, 2025.

About TEKsystems :

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

Salary : $50 - $65