IT Risk AnalystMid-levelRemoteFull-timeA month ago

Career Path Advertising
Do You Want to Discover Your Ideal Career Path?Craft Your Own Career Path for Free!

About the job

The IT Risk Analyst will assist in reviewing cybersecurity-related terms and conditions (T&Cs) in contracts with healthcare partners and assess the alignment of existing practices with these T&Cs.

What will you do?

  • Create and maintain an inventory of established contracts with healthcare partners and their associated cybersecurity-related T&Cs, identifying any accepted terms that may be misaligned with current practices.
  • Evaluate established contracts with vendors and other third parties to determine if appropriate cybersecurity-related T&Cs have been included.
  • Assist in developing ‘right to audit’ strategies to audit vendors and other third parties to determine if they are meeting the agreed-upon T&Cs. 
  • Provide accurate information about existing cybersecurity practices to support go-to-market activities, such as security questionnaires and assessments from healthcare partners, while maintaining the confidentiality of sensitive company information.
  • Monitor and analyze trends in healthcare partners’ cybersecurity requirements, including recurring inquiries or challenges, to gauge and communicate market demands to management.
  • Assist in developing and maintaining comprehensive internal and public-facing content (knowledge base) related to existing cybersecurity practices and implemented controls.
  • Assist with other relevant activities as needed.

Qualifications

  • At least 2 years of experience in a cybersecurity risk or compliance function, preferably supply-chain risk management, or an Associate's degree in a relevant field plus 1 year of experience.
  • Strong attention to detail, excellent organizational and time management skills, and the ability to prioritize multiple projects while meeting SLAs.
  • Exceptional written and verbal communication skills.
  • Customer-centric mindset with strong problem-solving abilities.
  • Entry-level cybersecurity certification(s) preferred, though not mandatory.

Skills

Hard Skills

  • Risk Management

Soft Skills

  • Detail Oriented / Quality of Work
  • Process Oriented
  • Results Oriented
  • Problem Solving

Technical Skills

  • Cybersecurity