Sr. IT Risk Analyst

-Conduct detailed risk assessments, including meeting with clients and vendors, to ensure all projects and initiatives meet all UCLA Health Sciences compliance policies, standards and procedures as well as HIPAA Compliance, and all other government and medical agencies regulations.
-Recommend remediation strategies including risk-based prioritization of action items and identification of mitigating controls; as well as evaluate, develop and recommend new information security assessment tools/techniques
-Work to maintain and enhance the IT Risk GRC solution and update/improve upon UCLA Health Sciences Security risk assessment process for UCLA Health Sciences.
-Contribute to and develop best practices, strategies, methodologies and documentation/templates suitable for use by other team members

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

-Bachelor's degree in Computer Science, Engineering, Information Systems (or similar) OR 5+ years of relevant professional experience in Information Security or IT Risk Management, preferably in healthcare
-Proficient knowledge of hardware/software architecture and domains in IT operations with a focus on governance, risk and compliance.
-Ability to understand large, complex systems.
-An understanding of communications and network vulnerabilities.
-Knowledge of personal computer and mobile architectures, OS and applications.
-Analytical ability to focus on specific details or subsystems, their vulnerabilities and linkages.
-Experience with GRC (Governance, Risk, and Compliance) solutions
-Experience with IT audits.
-Project management skills, with risk management.
-Understanding of legal and regulatory compliance standards and requirements against data and IT, including HIPAA, FERPA, Payment Card Industry Data Security Standard (PCIDSS), ISO27001, NIST and COBIT.
-Knowledge of products which protect systems, such as Intrusion Prevention Systems (host- and network-based), Firewalls, Security Event Management Systems, port scanning and vulnerability identification, monitoring and logging mechanisms, etc.
-Familiarity with multiple software types at the application and enterprise levels.
-Demonstrated skill in establishing and maintaining cooperative working relationships.
-Possess the verbal and written communication skills to work effectively with technical and non-technical personnel at various levels in the organization; ability to use standard English grammar and punctuation.
-Proficient in Microsoft Office product suite (MS Outlook, Word, PowerPoint, and Excel)
- An inquisitive, or problem-solving, mindset.
-A strong sense of customer service and attention to detail
-Ability to work independently, setting goals and priorities.
-Confidence to follow-up and champion critical ! findings, follow through and deliver timely results.

-Relevant information security certifications preferred (e.g., CISSP, CISA, CISM, CRISC, or GIAC)

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.