$150K — $200K *
The Information Security (IS) Risk Consultant oversees the implementation and the management of the information security risk management program or technology compliance management program.
INTEGRIS Health is an Equal Opportunity/Affirmative Action Employer.
The IS Risk Consultant responsibilities include, but are not limited to, the following:
* Serves as a subject matter expert to provide consultation and support for organizational initiatives.
* Provides leadership and guidance to Information Technology and other departments to satisfy information security risk needs.
* Develops and maintains policy and standards to address organization policy management gaps.
* Manages risk assessment activities and supports cross-departmental projects to provide quantitative or qualitative analysis of risks.
* Manages risk treatment of security findings and reports outstanding/critical issues to leadership for resolution.
* Participates in the development of key risk indicators and key performance indicators (KRI/KPI).
The IS Risk Consultant reports to the department Manager or Director.
Required Physical Demands (Subject to Reasonable Accommodation):
Keyboarding/Dexterity: Frequently; activity exists from 1/3 to 2/3 of the time
Standing/Walking: Occasionally; activity exists up to 1/3 of the time
Strength (Lift/Carry/Push/Pull): Sedentary (exerting up to 10 pounds of force occasionally)
Talking (Must be able to effectively communicate verbally): Yes
Color Acuity (Must be able to distinguish and identify colors): No
This position may have additional or varied physical demand and/or respiratory fit test requirements. Please consult the Physical Demands Project SharePoint site or contact Risk Management/Employee Health for additional information.
Normal office environment.
All applicants will receive consideration regardless of membership in any protected status as defined by applicable state or federal law, including protected veteran or disability status.
* Master's degree in Computer Science, Information Systems or related field with 4 years of relevant experience; or Bachelor's degree in Computer Science, Information Systems or related field with 6 years of relevant experience; or Associate's degree in Computer Science, Information Systems or related field with 8 years of relevant experience; or High School Diploma or equivalent with 10 years of relevant experience.
* Expert level of information security knowledge and experience in one domain in the Common Body of Knowledge as described by (ISC)² for security professionals.
* Minimum of one certification (CISSP, CISA, CRISC, or CISM).
* Previous experience with a quantitative analysis methodology such as Factor Analysis of Information Risk.
Valid through: 12/9/2020