Associate Information Security Risk Specialist

Sanford Health is one of the largest and fastest-growing not-for-profit health systems in the United States. We’re proud to offer many development and advancement opportunities to our nearly 50,000 members of the Sanford Family who are dedicated to the work of health and healing across our broad footprint. 

Work Shift:

8 Hours - Day Shifts (United States of America)

Scheduled Weekly Hours:

40

Salary Range: $26.00 - $41.50

Union Position:

No

Department Details

Summary

Responsible to support the activities of the IT Security Risk and Controls team. With close supervision, this position is responsible for supporting the development and implementation of Information Security compliance and risk management programs, including security findings, exceptions, policy and procedures, and related processes.

Job Description

Works under close supervision in the design, development and implementation of risk management and compliance programs.
Assists with assessing system and information security risks, documents, and tracks risks and provide input to reports. Maintains knowledge of application policies, regulations, and compliance documents related to Information Security and Assurance. Works under close supervision with stakeholders in technology and the lines of business to develop appropriate policies, standards, and alignment to security frameworks. Provides input to a information security awareness training program that is engaging and influences changes in employees' behavior. Aids in the development of appropriate electronic and hard copy reports and records. Assists with presentations to internal stakeholders as needed. Tracks the status of finding treatments in the applicable GRC tools.

Qualifications

Bachelor’s degree required, in lieu of education, leadership may consider an Associate’s Degree plus 3 years of applicable experience in computer science or related field.


Experience working in Information Security, Cybersecurity, Third Party Risk Management, Vendor Management, Risk Management, or related field preferred. Initial Information Security training and experience in security risk management is desired. Introductory knowledge of Information Security frameworks and controls, including but not limited to HIPAA, NIST, ISO, and SOC2.

Security or other technical certification(s) desired.

Sanford is an EEO/AA Employer M/F/Disability/Vet. 

If you are an individual with a disability and would like to request an accommodation for help with your online application, please call 1-877-673-0854 or send an email to talent@sanfordhealth.org.