Sr Technology Risk Analyst - Remote

City of Hope

Duarte, CA

Job posting number: #7255793 (Ref:10026569)

Posted: October 17, 2024

Salary / Pay Rate: $49.75 - $79.59 / hour

Application Deadline: Open Until Filled

Job Description

Join the transformative team at City of Hope, where we're changing lives and making a real difference in the fight against cancer, diabetes, and other life-threatening illnesses. City of Hope’s growing national system includes its Los Angeles campus, a network of clinical care locations across Southern California, a new cancer center in Orange County, California, and treatment facilities in Atlanta, Chicago and Phoenix. Our dedicated and compassionate employees are driven by a common mission: To deliver the cures of tomorrow to the people who need them today.

** This is a Fully Remote Opportunity within the United States**

As a successful candidate, you will:

The Senior Technology Risk Analyst supports the CISO leading the evolution of the confidentiality, integrity, and availability of the information assets related to City of Hope business and information systems. The incumbent in this role acts as an expert in the development of the information security program by contributing to the development of an enterprise-wide security risk program, policies and standards, vulnerability life-cycle management and remediation, evaluation of new security technologies, and contributes to security incident and event management. The incumbent provides administrative support as well as supports and assists with coordination and implementation of all process and technical aspects of the Information Security Program.

  • Develop, publish, risk analysis and assessment protocols for information security risk management purposes.
  • Works with Info Sec staff and business and technical teams to implement risk-related activities including accessing, planning, testing, reporting and recommending appropriate remediation measures.
  • Perform information security evaluations for information technology projects to ensure compliance with policies and regulatory requirements.
  • Serves as the first point of contact for information security reviews and risk assessments pertaining to contracts with City of Hope (COH) business units and vendors.
  • Conduct periodic self-assessments and gap analysis related to information security controls and manage the remediation to correct the gaps.
  • Participate in verifying network, wireless and firewall security systems by conducting reviews and policy assessments.
  • Validates HIPAA Security Rule requirements for administrative, physical and technical security safeguards have been established for potential and existing business partners using assessment questionnaire responses, policy and procedure review, vendor interviews and other relevant support documentation.
  • Ensures compliance to regulations, business requirements and City of Hope policies, standards, and procedures.
  • Creates Executive Summary reports for each completed assessment highlighting important safeguards, identifying potential risk areas, and deriving an overall risk rating for the vendor relationship.
  • Monitor risk mitigation and coordination of policies, standards and controls with the ISO and Compliance Officer.
  • Works with internal assessment team to develop a risk scoring methodology for the assessment questionnaire review to improve consistency in scoring individual and overall questionnaire responses.
  • Continuously works toward improving workflow throughput by improving questionnaire content, reducing follow-up questions and improving overall vendor responses.
  • Participates in effort to create questionnaire addressing vendor use of Cloud-based solutions within the requirements of HIPAA and of generally accepted security practices.
  • Information Security liaison to MediTract/Contract Collaborator platform and Contracts Management team.
  • Prepare documentation to support the development of information security policies, standards, guidelines, procedures and awareness training.
  • Coordinates, schedules and tracks meetings of the ITS Policy Governance Committee.
  • Participates in the development of the information security program by contributing to the development of Information Security policies, standards and procedures.
  • Contributes to the forensic analysis of security violations.
  • Participates in Privacy & Security Committee meetings as a liaison for information security items including exceptions.
  • Develop the Exception Management Process and write the operating procedures.
  • Works with Compliance Manager to track policy exceptions.
  • Reviews new and renewed exception requests.
  • Presents exception report at the monthly Privacy & Security Committee meetings.
  • Supports the Chief Information Security Officer (CISO) in evolving the confidentiality, integrity, and availability of the information assets related to City of Hope business and information systems.
  • Performs other related duties as assigned or requested.

Your qualifications should include:

  • Bachelor’s Degree; 3 additional years of experience plus the minimum experience requirement may substitute for minimum education.
  • 5+ years of experience.

OR

  • Masters degree and 3 years of experience
  • Hospital/healthcare industry experience is desirable, but not required.

Preferred Certification/Licensure: GSEC - GIAC’s Security Essentials Certification (or within 12 months of hire)

Any other certification is highly desirable:
CISA – Certified Information Systems Auditor
GIAC:

  • GISP – Information Security Professional
  • GSEC – Security Essentials Certification
  • SSCP- Systems Security Certified Practitioner
  • GISF- Information Security Forensics
  • CBCP - Certified in Business Continuity Planning

City of Hope is an equal opportunity employer. To learn more about our commitment to diversity, equity, and inclusion, please click here.

To learn more about our Comprehensive Benefits, please CLICK HERE.

Salary / Pay Rate Information:
Pay Rate: $49.75 - $79.59 / hour

The estimated pay scale represents the typical [salary/hourly] range City of Hope reasonably expects to pay for this position, with offers determined based on several factors which may include, but not be limited to, the candidate’s experience, expertise, skills, education, job scope, training, internal equity, geography/market, etc. This pay scale is subject to change from time to time.



City of Hope is a community of people characterized by our diversity of thought, background and approach, but tied together by our commitment to care for and cure those with cancer and other life-threatening diseases. The innovation that our diversity produces in the areas of research, treatment, philanthropy and education has made us national leaders in this fight. Our unique and diverse workforce provides us the ability to understand our patients' needs, deliver compassionate care and continue the quest for a cure for life-threatening diseases. At City of Hope, diversity and inclusion is a core value at the heart of our mission. We strive to create an inclusive workplace environment that engages all of our employees and provides them with opportunities to develop and grow, both personally and professionally. Each day brings an opportunity to strengthen our work, leverage our different perspectives and improve our patients’ experiences by learning from others. Diversity and inclusion is about much more than policies and campaigns. It is an integral part of who we are as an institution, how we operate and how we see our future.


Apply Now

Please mention to the employer that you saw this ad on AmericanScience.org

Job posting number:#7255793 (Ref:10026569)
Application Deadline:Open Until Filled
Employer Location:City of Hope
Duarte,California
United States
More jobs from this employer
Institution Website