The Cyber Security Analyst I is responsible for the review of IT Governance, Risk and Compliance (GRC) aspects of the business. This position will work closely with business stakeholders during contract negotiations and will conduct Vendor Risk Assessments (VRA) and Application Risk Assessments (ARA) using industry NIST/ISO best practices. This position should have an entry level understanding of Security Governance frameworks/standards such as HIPAA, PCI/DSS, NIST and ISO. Additionally, the ability to work with structure policies and procedures along with keeping such documents current is critical. Further, this position requires exceptional customer service skills with the ability to communicate with many internal/external customers at different levels within the organizational hierarchy. The Cyber Security Analyst I is also responsible for supporting the business goals and objectives for the Department, the Information Management Organization, and the organization as a whole.
Review Contracts -- Identify and classify Information Security Risks.
Perform Vendor Risk Assessments -- work with business stakeholders to classify and mitigate identified security risks.
Provide daily support of Business Stakeholders as assigned by the Security Assurance ticketing system.
Research and understand emerging information security threats and vulnerabilities
Perform "other" risk assessments under the guidance of the Director of Information Security; such as HIPAA, PCI/DSS, etc...
Assist with the selection of tools which enforce or monitor compliance with information security policies, standards and requirements
Provide after hours coverage for security event monitoring and incident response.
Teamwork -- Maintains and demonstrates the ability to work well on assigned tasks through actions and job performance. Collaborates with and assists IM leaders, directors and staff in the fulfillment of corporate objectives and goals.
Communication: Follows approved mechanisms to document and report on all incidents/events. Escalates issues appropriately. Assist in the development of the security plan.
Associate degree in Computer Science, Information Systems, Business Management or related field or equivalent military experience (preferred)
No experience required. College graduate or recently separated (Honorably) Vet with applicable Military Experience willing to pursue a career in Information Security is acceptable. Previous experience in security assurance is a plus
CHRISTUS HEALTH is an international Catholic, faith-based, not-for-profit health system comprised of almost more than 600 services and facilities, including more than 60 hospitals and long-term care facilities, 350 clinics and outpatient centers, and dozens of other health ministries and ventures. CHRISTUS operates in 6 U.S. states, Colombia, Chile and 6 states in Mexico. To support our health care ministry, CHRISTUS Health employs approximately 45,000 Associates and has more than 15,000 physicians on medical staffs who provide care and support for patients. CHRISTUS Health is listed among the top ten largest Catholic health systems in the United States.