Information Technology Cybersecurity Specialist II

Responsible for performing risk assessment of applications, infastructure, business and technology vendors against a defined risk framework. Assessments will be conducted either through a formalized risk assessment program or through other risk reporting activities (e.g., policy exceptions, risk acceptance). Also, will work on solutioning the risks and when possible preform hands on tasks to resolve them. Reviews data and makes recommendations on replacement and participate in new technology acquisitions.

Essential Functions and Responsibilities:

1. Schedule and perform cyber risk assessments using methodology to identify, document and communicate control deficiencies in business processes and technology systems.
2. Develops and applies industry supported risk management assessments to prioritize risk within the program. May provide assessments for potential new equipment being added to the environment.
3. Partner with the business and technology to socialize cybersecurity risk findings identified through the risk assessment (e.g., vendor, application, infrastructure), new initiatives, and ad hoc processes.
4. Provide risk remediation recommendations that the stakeholders may implement to mitigate identified control gaps and assist with the remediation when possible.
5. Establish, run, and maintain the risk register
6. Communicate with all levels of technology and operational staff, assist in creation and follow methodologies, creating clear, concise deliverables.

Qualifications:

Required:

• Associate degree in Information Security or information technology or High School diploma and 5 years of experience in supporting information security software products such as Cisco equipment, firewalls, intrusion prevention systems (IPS), VPNs, Web Security Gateways, email security, anti-virus, GRC tools, monitoring networks and interfaces.
• Requires one or more of the following certifications: Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or other related certifications related to IT security.

Preferred:

• Bachelor's degree in information security or information technology.
• 3 years Healthcare experience

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.