Cyber Risk Management Analyst Senior at Penn State Health in Hershey, PA

JOB SUMMARY:

The Cyber Risk Management Specialist (CRMS) is responsible for ensuring operational excellence of cyber security risk management activities, including but not limited to:

Performing technical risk assessments on PSH and COM Information Systems using established processes

Ensuring communication and awareness of the PSH and COM Security Risk Management framework

Ensuring cyber risks are appropriately managed within risk appetite tolerance and limits

Contributing to the aggregation and reporting of cyber risk metrics and information

Supporting cyber security strategies and reporting

Acting as a subject matter expert for cyber risk management and engaging with cross-functional teams

MINIMUM QUALIFICATIONS:

Intermediate Level Qualifications:

A Bachelor’s degree in computer science, cybersecurity, information technology or in a related field AND 4 years of experience in cyber risk management. OR 8 total years of experience and education.

Senior Level Qualifications:

A Bachelor’s degree in computer science, cybersecurity, information technology or in a related field AND 8 years of experience in cyber risk management. OR 12 total years of experience and education.

PREFERRED QUALIFICATIONS:

Proven understanding of cyber security risk assessment and risk management procedures and methodologies

Ability to correlate enterprise risk with appropriate administrative, physical, and technical security controls

Experience using and/or managing a Governance, Risk, and Compliance (GRC) tool

Strong knowledge of cyber security principles, standards, practices, and technologies

Strong knowledge of industry and regulatory requirements (i.e., HIPAA, PCI, etc.)

Proven strong background in cyber security and operational processes