Job Description


Submit Email

If you've inquired to HumanEdge in the past, please use the same email to help shorten the inquiry process. If you've never inquired or don't remember, you may use any valid email address.

Information Risk Analyst

  • Ref: 283094
  • Type: Direct Hire
  • Location: Melville, NY
  • Industry: Hospitals
  • Job Level: Senior
  • Pay: $90,000 - $115,000

Opportunity Description

Information Risk Analyst needed for a direct hire in Melville, NY.

Company Information

Our client is a growing healthcare network with over a dozen hospitals under its belt. Specializing in some specific areas such as cancer treatment, women's health, and cardiovascular services, our client presents a great opportunity for all those employed.

Job Duties

  • Collaborates with IT Security management in the development of enterprise Security assessment tools and policy and procedures.
  • Performs vulnerability assessments as assigned utilizing I.T. Security tools and methodologies.
  • Summarizes risk posture across the Health System or within specific business units.
  • Identifies opportunities to reduce risk within the Health System, detects and remediates vulnerabilities and ensures compliance and audit readiness.
  • Makes recommendations for corrective action and documents management decisions regarding acceptance or mitigation of risk scenarios
  • Facilitates and monitors performance and compliance of risk remediation tasks. Reports on findings
  • Liaises with Health System's partners and vendors regarding the security maintenance of their systems and applications
  • Creates and presents changes related to risk mitigation to Change Authorization Board, as needed
  • Provides weekly status on project status, including outstanding issues
  • Participates in the development of 'security awareness' education and training, as necessary


High School Diploma or equivalent, required; Bachelor's Degree in Information Security or Audit or related field, highly preferred

Experience & Skills Required

  • Minimum of eight (8) years progressively responsible information technology risk management experience, required
  • Minimum of five (5) years progressively responsible information security assessment or audit experience, required. Healthcare environment preferred
  • Certified in at least one of the following: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Security+, Global Information Assurance Certification (GIAC) or related certification, required
  • Thorough knowledge and understanding of current information risk assessment techniques, required.
  • Familiarity with Federal and State compliance regulations including HIPPA, PCI-DSS and Meaningful Use, required
  • Strong interpersonal and communication skills and the ability to work with all levels of management, required