Job ID: JOB_ID_1588
Position Summary
NYC Health & Hospitals is seeking a dedicated Security Risk Analyst for a 100% remote contract role. This position serves as a critical bridge between the Chief Information Security Officer’s (CISO) strategic initiatives and the technical execution teams. The successful candidate will translate high-level IT risk requirements into specific technical control specifications, ensuring that the organization remains compliant with stringent healthcare regulations. This role is part of the Enterprise Information Technology Services (EITS) team, focusing on consistent delivery of information security and risk management services across the entire enterprise.
Core Responsibilities
- Act as a Subject Matter Expert (SME) for business units regarding information security and regulatory compliance.
- Translate business constraints and IT risk requirements into actionable technical control requirements.
- Develop and monitor performance metrics for ongoing security reporting and risk assessment.
- Coordinate technical activities across the IT organization to implement and manage security controls.
- Conduct and respond to comprehensive information security assessments and audits.
- Review IT solution requirements to validate the implementation of security controls.
- Resolve complex security vulnerabilities and design effective compensating controls.
- Ensure compliance with HIPAA, Joint Commission, DSRIP, COBIT, and state privacy laws.
Technical and Industry Requirements
- Extensive experience with formal GRC (Governance, Risk, and Compliance) applications such as ServiceNow, Archer, or MetricStream.
- Deep knowledge of the healthcare industry, including EMR systems and PHI data privacy requirements.
- Strong understanding of security frameworks including NIST CSF, HITECH, ISO 27001/27002, and PCI DSS.
- Ability to analyze the business impact of security tools, technologies, and policies.
- Experience in managing risk audits and data privacy investigations.
Qualifications
Candidates must possess a Bachelor’s degree in Information Systems or a related field. A minimum of 7 years of overall IT experience is required, with at least 5 years dedicated specifically to IT Security Risk Management or Risk Audit. Additionally, at least 2 years of experience in a supervisory capacity is necessary to lead technical initiatives effectively. Preferred certifications include CISSP, CISA, or CRISC, which demonstrate a high level of professional expertise in the field of information security and risk management.
Special Requirements
100% Remote. Healthcare domain experience required. Must have experience with GRC tools like ServiceNow, Archer, or MetricStream.
Compensation & Location
Salary: $80 – $80 per year
Location: Remote, NY
Recruiter / Company – Contact Information
Recruiter / Employer: Cloudforge
Email: bhargavi@CloudForgex.onmicrosoft.com