Sign upLog in

EITS Security Risk Analyst B (Engagement)--Remote Job

DELTASOFT SOLUTIONS LLC

San fransico, CA(remote)

Apply
JOB DETAILS
SKILLS
Analysis Skills, Auditing, Business Skills, Business impact analysis (BIA), CISA - Certified Information Systems Auditor, CISSP - Certified Information Systems Security Professional, Communication Skills, Computer Security, Content Management Systems (CMS), Control Objectives for Information and related Technology (COBIT), Cross-Functional, Documentation, Electronic Medical Records, Enterprise Architecture, Enterprise Protection, External Audit, Gap Analysis, HIPAA (Health Insurance Portability and Accountability Act), Healthcare, ISO (International Organization for Standardization), IT Requirements, Information Technology & Information Systems, Information/Data Security (InfoSec), Internal Audit, Leadership, Maintain Compliance, Operational Audit, PCI-DSS, People Management, Performance Analysis, Performance Metrics, Privacy Regulations, Project Planning, Regulations, Regulatory Compliance, Reporting Skills, Risk, Risk Analysis, Risk Management, Risk Management Framework (RMF), Security Analysis, ServiceNow, State Laws and Regulations, Strategic Planning, Technology Analysis, U.S. National Institute of Standards and Technology (NIST), Work From Home
LOCATION
San fransico, CA
POSTED
8 days ago
Job43 – EITS Security Risk Analyst B (Engagement)
Location: 100% Remote
Max Submissions: 5
Proposed Start Date: ASAP
Proposed End Date: 06/30/2026

Role Overview
  • Serve as a liaison between the CISO’s strategic initiatives and the IT operational teams.
  • Translate business IT risk requirements into technical control specifications.
  • Develop risk metrics for performance measurement and reporting.
  • Coordinate enterprise-level security and risk management efforts.
  • Act as a subject matter expert (SME) on information security and regulatory compliance.

Key Responsibilities
Security & Risk Management
  • Maintain and enforce the enterprise information security and risk management framework.
  • Conduct risk analysis and develop mitigation strategies.
  • Monitor and assess the enterprise threat landscape.
  • Provide realistic risk reporting to the CISO and leadership teams.
  • Track and document internal risk reviews, assessments, and exceptions using a GRC tool.

Governance & Compliance
  • Document and maintain risk governance methodologies, policies, and procedures.
  • Ensure compliance with:
     
    • HIPAA
  •  
    • Joint Commission
  •  
    • DSRIP
  •  
    • COBIT
  •  
    • State privacy laws
  •  
  • Conduct and support internal and external audits (operational, compliance, reputational, security).
  • Serve as SME for EMR and PHI-related security risks.

Risk Assessments & Gap Analysis
  • Perform enterprise security risk assessments and gap analyses for new technologies and products.
  • Develop and manage risk remediation plans and work plans.
  • Identify information asset owners for data classification initiatives.
  • Support risk exception and risk acceptance documentation processes.

Technical & Cross-Functional Collaboration
  • Partner with enterprise architecture teams to align business, technical, and security requirements.
  • Collaborate with security engineering teams to implement security controls.
  • Facilitate meetings between stakeholders and IT teams.
  • Provide written and verbal reports to leadership and committees (including Operational Risk Committee).

Required Qualifications
Experience
  • Minimum 7 years of IT experience
  • At least 5 years in IT Security Risk Management / Risk Audit / Data Privacy Investigation
  • Minimum 2 years in a supervisory capacity

Healthcare Industry Expertise (Required)
  • Strong understanding of:
     
    • EMR systems
  •  
    • PHI data privacy
  •  
    • Healthcare regulatory environment
  •  
  • Experience with HIPAA, Joint Commission, CMS regulations

GRC & Security Framework Knowledge
  • Hands-on experience with GRC tools (ServiceNow, Archer, MetricStream preferred)
  • Working knowledge of:
     
    • NIST CSF
  •  
    • HITECH
  •  
    • ISO 27001/27002
  •  
    • PCI DSS
  •  
    • COBIT
  •  

Technical Skills
  • Experience reviewing IT solution requirements and implementing security controls
  • Strong analytical and risk assessment skills
  • Ability to design compensating controls for security vulnerabilities
  • Ability to assess business impact of security tools and policies

Education & Certifications
  • Bachelor’s degree in Information Systems or related field
  • Preferred Certifications:
     
    • CISSP
  •  
    • CISA
  •  
    • CRISC
  •  
    • Other relevant security certifications
  •  

Preferred Soft Skills
  • High integrity and ability to work independently
  • Strong communication and reporting skills
  • Ability to work in fast-moving environments
  • Experience participating in special projects
  • Ability to support various locations and flexible shifts if required
 
 
Thanks & Regards
Bhanu Prakash
DeltaSoft Solutions
bhanu.prakash@deltasoftgroup.com

About the Company

D

DELTASOFT SOLUTIONS LLC

Resume Resources

Free Resume TemplatesFree Resume Builder