Job Details
The Information Systems (IS) Risk and Compliance Analyst mid-level position supporting the Director IS Risk and Compliance is responsible for sustaining and improving the enterprise information security risk management framework, policy, processes, and tools for reducing Encompass Health's susceptibility to cybersecurity threats and vulnerabilities. Familiarity with computing technology, healthcare regulatory requirements, cybersecurity standards, vulnerability scanning and risk management is essential to the success of this position. The position is responsible for identifying, assessing, prioritizing, and monitoring internal and external risks to information systems including those of 3rd and 4th parties (vendors). The position supports efforts to gather prepare evidence in support of audits, assessments, and investigations and coordinates sometimes highly-visible cybersecurity risk/compliance assessments conducted by 3rd parties. The Risk and Compliance Analyst is adept at analyzing complex issues and distilling needed organizational responses into easy to comprehend actionable items.
The position requires a broad understanding of computer technologies, network administration, cloud computing, virtualization, cybersecurity, risk management, compliance, and the communication skills that facilitate effective communication. The position also requires effective engagement with internal and external stakeholders including various corporate departments, vendors, auditors, assessors, end users, other cybersecurity and risk management professionals, and ITG leadership.
Skills:
Malicious Code (worms viruses spyware etc.), Incident Response Team, Certified Information Security Manager (CISM)