Company hidden
9 hours ago

Senior Information Risk Consultant (Cybersecurity)

Work format
remote (USA only)
Employment type
fulltime
Grade
senior
English
b2
Country
US

Job description


TL;DR

Senior Information Risk Consultant (Cybersecurity): Leading information risk assessments and driving security compliance across infrastructure and business teams, with an emphasis on risk scoring, threat analysis, and regulatory frameworks. Focus on integrating security into solution designs, managing risk registers, and ensuring adherence to standards like HITRUST, HIPAA, and NIST.

Location: Must be based in Pennsylvania, USA

Company

hirify.global is a large healthcare organization providing integrated health services and insurance solutions.

What you will do

  • Lead information risk assessments by analyzing documentation and conducting stakeholder interviews.
  • Formulate risk scoring based on threats, vulnerabilities, and impact analysis.
  • Partner with projects to apply security architecture requirements and remediate security gaps.
  • Maintain procedural documentation to meet compliance standards such as PCI-DSS, HITRUST, and ISO 27001.
  • Communicate risk treatment methodologies and mitigation strategies to management and technical teams.
  • Mentor team members and contribute to the inventory of risk register tracking.

Requirements

  • 7-10 years of experience in Information Security, Risk Management, or IT.
  • 5-7 years of experience specifically within Information Security Governance, Risk, and Compliance (GRC) functions.
  • Strong knowledge of HITRUST CSF, NIST frameworks, HIPAA, and PCI-DSS.
  • Proven ability to communicate complex security concepts to varying levels of management.
  • Familiarity with secure SDLC practices and network security architecture.
  • Must be based in Pennsylvania to fulfill role requirements.

Nice to have

  • Certifications such as CISSP, CISA, CEH, or GSEC.
  • Experience with GRC tools like Archer.
  • Knowledge of AI governance frameworks (NIST AI RMF, ISO/IEC 42001).
  • Experience supporting SOC 2 or SSAE 16 audits.

Culture & Benefits

  • Comprehensive corporate benefits package including health insurance.
  • Opportunity to work within a high-performance, multi-disciplinary team.
  • Commitment to ethical business conduct and regulatory compliance.
  • Support for professional development and industry certification participation.

Be careful: if an employer asks you to sign in to their system using iCloud/Google, send a code or password, or run code or software, do not do it; these are scammers. Be sure to click "Report" or write to support.