Cybersecurity Risk Senior Analyst

Indiana University Health is unlike any other healthcare system and we're looking for team members who share the things that matter most to us. People who are inspired by challenging and meaningful work for the good of every patient. People motivated to do their best every day. People who are always ready to apply themselves. As one of Indiana's largest employers, our vision is to lead the transformation of healthcare through quality, innovation and education, and make Indiana one of the nation's healthiest states.

Cybersecurity Risk Senior Analyst

RESPONSIBILITIES:

• Leads risks assessments for various cyber security scenarios utilizing both quantitative and qualitative methodologies. 
• Maintains control documentation for critical systems, including mappings to relevant frameworks (i.e. NIST 800-53, HIPAA Security Rule, etc.) and leads periodic control testing engagements, including quality assurance reviews. 
• Documents and tracks risk remediation plans and effectively communicates risk status to various levels of management. 
• Assist department leadership with development / maintenance of department process and procedure design / documentation.

STRONGLY PREFERRED:

• Healthcare background (5+ years)
• Business Continuity/Disaster Recover experience 

REQUIREMENTS:

• 5-7 years of relevant experience is required.
• Requires knowledge of computer networking concepts and protocols, and network security methodologies.
• Requires knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage and transmission of information or data (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Requires skill in conducting reviews of systems, assessing security systems designs and security controls based on cybersecurity principles and tenets (e.g. NIST SP 800-53, ISO 27001, etc.).
• Requires skill in performing impact / risk assessments (utilizing quantitative risk analysis methodologies).
• Requires skill and knowledge to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Requires demonstrated project management skills.
• Must have a proven track record of effective communication skills with all levels of organizational leadership. 
• Bachelor's Degree or equivalent years of experience is required.
• At least one relevant certification is required, multiple are preferred (i.e. CISA, CISM, CRISC, Security+, FAIR Fundamentals, etc.).

• Indiana University Health has nearly 40,000 team members, including more than 3,600 physicians and 1,200 advanced practice providers, and we’re home to the largest nursing network in Indiana with more than 9,000 nursing team members at over 800 sites of care.
• IU Health is ranked No. 1 in Indiana by U.S. News & World Report, Riley Children's Health is ranked among the top children's hospitals in the country by U.S. News & World Report.
• A unique partnership with the Indiana University School of Medicine – one of the nation’s largest medical schools – gives patients access to groundbreaking research and innovative treatments, and it offers team members access to the latest science and the very best training – advancing healthcare for all.
• With 15 hospitals, including seven with Magnet designation and eight with Pathways to Excellence designation, our team members are leading the way through excellence.
• At Indiana University Health, your personal and professional growth is a top priority. You will have access to many diverse opportunities to learn and develop in meaningful ways that matter most to you, such as advanced clinical training, leadership development, promotion opportunities and cross training development.
• Indiana University Health is invested in the lives of Hoosiers, leading the transformation of healthcare to make Indiana one of the nation’s healthiest states.