About the job
The IT Risk Analyst will assist in reviewing cybersecurity-related terms and conditions (T&Cs) in contracts with healthcare partners and assess the alignment of existing practices with these T&Cs.
What will you do?
- Create and maintain an inventory of established contracts with healthcare partners and their associated cybersecurity-related T&Cs, identifying any accepted terms that may be misaligned with current practices.
- Evaluate established contracts with vendors and other third parties to determine if appropriate cybersecurity-related T&Cs have been included.
- Assist in developing ‘right to audit’ strategies to audit vendors and other third parties to determine if they are meeting the agreed-upon T&Cs.
- Provide accurate information about existing cybersecurity practices to support go-to-market activities, such as security questionnaires and assessments from healthcare partners, while maintaining the confidentiality of sensitive company information.
- Monitor and analyze trends in healthcare partners’ cybersecurity requirements, including recurring inquiries or challenges, to gauge and communicate market demands to management.
- Assist in developing and maintaining comprehensive internal and public-facing content (knowledge base) related to existing cybersecurity practices and implemented controls.
- Assist with other relevant activities as needed.
Qualifications
- At least 2 years of experience in a cybersecurity risk or compliance function, preferably supply-chain risk management, or an Associate's degree in a relevant field plus 1 year of experience.
- Strong attention to detail, excellent organizational and time management skills, and the ability to prioritize multiple projects while meeting SLAs.
- Exceptional written and verbal communication skills.
- Customer-centric mindset with strong problem-solving abilities.
- Entry-level cybersecurity certification(s) preferred, though not mandatory.
Skills
Hard Skills
Risk Management
Soft Skills
Detail Oriented / Quality of WorkProcess OrientedResults OrientedProblem Solving
Technical Expertise
Cybersecurity