Working remotely on a contract-to-hire basis, the full-time Security Risk Analyst - Healthcare will interface between strategic security activities and technical implementation, translating IT-risk requirements into actionable controls while ensuring compliance with healthcare regulations. Key responsibilities Interface between the CISO's strategic activities and technology-focused teams to manage security risks Translate business IT-risk requirements into technical control specifications and develop performance metrics Act as a subject matter expert on information security and compliance for assigned business units Required qualifications Bachelor's degree in information systems Experience in the healthcare industry with knowledge of EMR systems and data privacy issues related to PHI Strong understanding of security frameworks such as NIST CSF, HITECH, and HIPAA Experience with GRC software tools and conducting information security assessments Relevant security qualifications such as CISSP, CISA, or CRISC preferred
