Senior Cyber Risk Analyst
United States, Texas, Houston
*Brief Job Description*
The Information Security Cyber Risk Analyst performs security risk assessments of third parties and their solutions to ensure that they meet the information security standards adhered to by the client. The security risk assessment is documented in a report that includes an overview of the vendor, a technical description of the solution, the risks that have been identified, and how they will be addressed. This individual will also build workflows in their GRC tool, LogicGate.

*Top Skills' Details*
1. Third Party Risk Management / Risk Assessments of 3rd party applications (GRC tools: LogicGate/Archer/ServiceNow GRC) - Working understanding of security concepts and tools used to detect or prevent potential threats, including controls related to Identity and Access Management, Data Security, Network Security, and Endpoint Protection. Working understanding of risk management frameworks, methodologies, and their application.
2. Developing GRC Workflows - The ideal candidate would have experience developing GRC workflows in the GRC tool, LogicGate, but candidates who have GRC workflow development experience in a comparable tool (Archer, ServiceNow GRC, etc.) and have used LogicGate or have an understanding of the platform will still be considered. The client has 3+ questionnaires (PCI Compliance, AI Governance, Enterprise Risk) that are built, but they need to develop the workflow within LogicGate.
3. Communication - This person will be the first line of defense for the organization and will be representing Cybersecurity in the face of both internal stakeholders and external vendors.
4. Local to Houston/Texas market - Although this is a fully remote position, the CISO has directed this team to prioritize local talent.

*Description*
* Client is prioritizing local candidates in Houston or in the state of Texas.
* The healthcare client's Information Security Cyber Risk Analyst performs security risk assessments of third parties and their solutions to ensure that they meet the company's information security standards. The security risk assessment is documented in a report that includes an overview of the vendor, a technical description of the solution, the risks that have been identified, and how they will be addressed. The final report is approved by Cyber Risk leadership and presented to all stakeholders to communicate the risk level to the organization.

Late last year this client successfully migrated to Epic. They are at about a 7/10 risk maturity level; governance/policy has been set up to effectively categorize risk. Compliance is what they are looking to improve by automating, implementing, and validating more controls. This individual will also possess a skillset that will allow them to build workflows in their GRC tool, LogicGate. The client has multiple questionnaires for which a series of steps needs to be defined within the platform to automate and streamline compliance-related processes.

*Responsibilities/Duties*
* Collaborates with stakeholders to understand the scope of a project, its supporting architecture, data, and user workflows.
* Produces, presents, and publishes security risk assessment reports.
* Identifies risks, their likelihood, impact, and the overall risk level to the organization.
* Identifies potential controls to address or reduce risk to the organization.
* Tracks and monitors identified risks until they are addressed with the agreed-upon risk treatment.
* Participates in knowledge sharing and peer review to support the Cyber Risk team.
* Provides guidance regarding Information Security policies, procedures, and standards.
* Maintains education and knowledge of developing IT technology, security best practices, and current events in the information security sector.

*Skills*
Third party risk assessments, Third party risk, RMF, GRC Workflow, CISSP, CISM, CISA, cyber security, risk management, NIST, HIPAA, Security controls

*Top Skills Details*
Third party risk assessments, Third party risk, RMF, GRC Workflow

*Additional Skills & Qualifications*
* Ability to perform critical analysis of existing and emerging solutions.
* Excellent writing skills for composing and publishing professional, well-written reports.
* Technical background that allows for the operational understanding and analysis of varying types of solution architectures, including on-premises, cloud, and hybrid environments.
* Ability to effectively manage multiple concurrent tasks for both prioritization and time allocation.
* Familiarity with current information security standards, certifications, and regulations.

*Qualifications/Certifications*
* Bachelor's degree or equivalent work experience
* 3+ years of experience in an information security related field
* 3+ years of experience in information technology
* Information Security Certifications (CISSP, CISM, CISA, CRISC)

*Employee Value Proposition (EVP)*
The members of the company's Risk & Security team, although remote, interact with each other and have a great culture. The hospital system is located in the largest medical center in the world, and they have large multi-million-dollar projects in the pipeline. The security team has a weekly touchpoint with the CISO, so this position has C-level visibility.

*Work Environment*
This position is 100% remote. These consultants would be a part of a 4-person team including a team lead, and they report to the director of Cyber Risk and IAM. They prefer camera on when in virtual meetings.

*Business Drivers/Customer Impact*
This GRC/Risk Analyst meets with internal stakeholders and 3rd party vendors to ensure all security controls are being met when implementing new applications and technologies. They will also be building workflows in the GRC tool LogicGate.

*Pay and Benefits*
The pay range for this position is $50.00 - $65.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
* Medical, dental & vision
* Critical Illness, Accident, and Hospital
* 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available
* Life Insurance (Voluntary Life & AD&D for the employee and dependents)
* Short and long-term disability
* Health Spending Account (HSA)
* Transportation benefits
* Employee Assistance Program
* Time Off/Leave (PTO, Vacation or Sick Leave)

*Workplace Type*
This is a fully remote position.

*Application Deadline*
This position is anticipated to close on Feb 28, 2025.

About TEKsystems: We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.