Job Description

At Harris Health System, we champion better health for our patients, their families and our community, by connecting them to an integrated healthcare system that provides high-quality healthcare. Harris Health focuses on the delivery of primary care, wellness and prevention services to the residents of Harris County, Texas, through its extensive network of inpatient and outpatient facilities. Harris Health is a proud recipient of the prestigious National Committee for Quality Assurance designation for its patient-centered medical homes. Harris Health's medical faculty and residents are provided by its nationally recognized medical school partners: Baylor College of Medicine; McGovern Medical School at The University of Texas Health Science Center at Houston (UTHealth); and The University of Texas MD Anderson Cancer Center.

Skills / Requirements

JOB SUMMARY:
The Information Security Risk Assessment Analyst reports to Manager, Information Security Risk Management.  The Information Security Risk Assessment Analyst (ISRAA) will participate in system-wide information security risk assessment program. The ISRAA will make recommendations on methods of safeguarding data, information systems, and technology infrastructure to ensure that organizational information security risks are identified and managed. The ISRAA will play a critical role on the information security risk assessment team, by performing information system risk assessments of applications, technology initiatives, business associates, third-party vendors and suppliers using RSAM. Assist with creation and updates to information security policies and standards.

MINIMUM QUALIFICATIONS: 
Education/Specialized Training/Licensure:
a. Bachelors degree in Computer Science, MIS, CIS, preferred; or four (4) years experience in a related field.
b. CRISC, CISA, HCISPP, CIPP, CISSP, GSNA, preferred

WORK EXPERIENCE:
Three (3) years of experience, Knowledge of HIPAA Security rule, HITECH, Payment Card Industry (PCI), NIST Cybersecurity Framework. In addition, understanding of NIST SP 800-53r4, COBIT, and ITIL frameworks preferred. RSAM or other GRC tools experience preferred. Previous IT audit and risk management experience, or equivalent combination of education and experience. HCISPP, CIPP, CISA, CISM, CRISC, GSNA and/or CISSP highly desirable or must be obtained within 6 months of accepting position

SPECIAL REQUIREMENTS:
Communication Skills:
Exceptional Verbal (Public Speaking)
Writing/Composing (Correspondence/Reports)

Other Skills:
Analytical/ Statistical

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online