IT Security Risk and Compliance Analyst

Position Title: IT Security Risk and Compliance Analyst Department: Information Technology (IT) - Security Risk & Compliance (ITS R&C) Description Identity Access & Management, Security Operations, and Security Risk & Compliance (R&C). The IT Security Risk and Compliance (ITS R&C) team works especially closely with the SCA Health Regulatory Compliance (Privacy) team regarding the HIPAA Security Rule. The IT Security Analyst is responsible for the first level of support of the IT Security Risk and Compliance activities specified by IT Security Leadership. As the IT Security Analyst, you will manage the primary intake and initial support of all ITS R&C requests. You will monitor emails, select systems/applications, reports, and site lists, request tickets, presentations, and meetings, and interact with internal and external resources. Duties include but are not limited to: HIPAA Security Risk Activities Fair warning Privacy and Security Monitoring Support ServiceNow Security Risk Assessment Application Administration . Risk Assessments | Remediations | Issues Management | General Requests IT Security Risk Management Activities Issues Management Corrective Actions | IT Security Risks, Remediations, & Exceptions Cybersecurity Training and Awareness Support Compliance / Follow-up Activities . Microsoft Data Loss Prevention Support ServiceNow Ticket Management & IT Security HIPAA Incident Management Support User Access Validation (UAV) Administration and Support The ITS R&C team priorities adjust to the rhythm of the SCA Health business obligations, business objectives, business risks, and the business-related challenges faced. Duties remain flexible due to the leadership directives and regulatory requirement changes, etc.

Minimum Qualifications Bachelor degree in Healthcare Information Management, Information Technology, Management Information Systems, Computer Science, other related business disciplines, or comparable experience. 2+ years of Healthcare experience. 1+ year experience with risk and compliance. Excellent communication, documentation, organization, and prioritization skills. Classified as Confidential Analytical thinking and problem-solving. Great verbal and written skills. Ability to work effectively with project resources across multiple departments. Relevant certification or advanced degrees are a plus (e.g., CRISC, CISSP, CISM, HITRUST). 1+ year of Information Technology or other relevant experience is a plus. Classified as Confidential