Jobs at Central Business Solutions, Inc

Information Security Risk Manager

New York City, NY
Job Title: Information Security Risk Manager
Location: New York City, NY


Principal Duties and Responsibilities:
Support Information Security and Risk Management by maintaining and enforcing the Information Security and risk management framework/methodology, including execution of risk analysis and risk mitigation strategies.
Document and maintain the enterprise security risk governance methodology and risk management policy, process, and procedure.
Exhibit best practice risk management skills through effective internal risk controls, risk monitoring, risk assessment and improvement of risk management processes.
Organize and perform the enterprise security risk assessment and gap analysis for all technologies, products, and functions introduced, including maintaining risk project work plans to measure and manage progress. Track and document all internal risk reviews, assessments, risk acceptances, and security exceptions in a GRC tool.
Serve as the information security liaison and subject matter expert for all relevant EMR and PHI related security risk.
Conduct or participate in all relevant audits and risk assessment activities (whether operational risk, legal/compliance risk, reputational risk, or information security risk).
Aid in the planning and execution of risk remediation activities including the identification of practical, cost effective solutions.
Facilitate team meetings between stakeholders, project leaders, and the Information Technology teams.

Qualifications / Required Skill:
Bachelor’s in Information Systems required
10 years of IT experience with at least 5 years dedicated to IT Security Risk Management, Risk Audit/Assessment, and/or Security and/or Data Privacy Investigation
Healthcare industry experience required with understanding of EMR systems and data privacy issues related to PHI
Experience with reviewing I/T solution requirements and security controls implementation
Knowledge and experience working with a GRC Software tool
Strong working knowledge of HIPAA, Joint Commission, CMS, and other regulatory legislation pertinent to the healthcare industry
Working knowledge of information security frameworks such as NIST CSF, HITECH, ISO27001/27002, PCI DSS and COBIT
Experience in conducting and responding to information security assessments and audits.
Strong analytical skills and the ability to resolve complex security vulnerabilities and design compensating controls
Excellent written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate information security and risk related concepts to technical and nontechnical audiences
Ability to rapidly comprehend and interpret the functions and capabilities of new technologies
Must possess a high degree of integrity and trust along with the ability to work independently
CISSP, CISM, CISA, CRISC or other relevant security qualification

Must-Have Primary Skill:
5+ Years of expert level experience as a Security Analyst-Security-Information Security

Central Business Solutions, Inc,
37600 Central Ct.
Suite #214
Newark, CA 94560.
Central Business Solutions, Inc (A Certified Minority Owned Organization)
Phone: (510)-713-9900, 510-573-5500 Fax: (510)-740-3677