Job Details

Information Security Risk Analyst

Oregon Health Authority, Salem, OR

Job - Government

Close Date: 11/05/2019

The Oregon Health Authority has a fantastic opportunity for an Information Security and Risk Expert to join an excellent team and work to advance their Information Security risk program.

The Oregon Health Authority promotes health equity by developing policies and programs to eliminate health disparities and reach health equity for all Oregonians.


What you will do!
As an Information Security Risk Coordinator, you will coordinate the information security risk program within the Office of Information Services’ (OIS) Information Security and Privacy Office (ISPO). You will create short and long-term plans for identifying, assessing and remediating ongoing information security risk in consultation with senior management.

In this role, you will be responsible for developing tactical and strategic goals and plans to mature the information security risk program in alignment with the State Enterprise Security Office’s risk program goals and guided by operational metrics. You will be responsible for presenting risk findings and giving consultative advice to senior managers, risk owners, and those with responsibility for the remediation of risk.

Additionally, you will be a member of a team responsible for information technology policies/procedures, audit tracking, information exchange, privacy and e-discovery. You will also assist in building and maintaining these programs and will work under the guidance and supervision of the Chief Information Risk Officer (CIRO)

What's in it for you?
Collaboration in an open office with a team of bright individuals to work with and learn from. We offer full medical, vision and dental with paid sick leave, vacation, personal leave and ten paid holidays per year. If you are an Information Security and Risk Expert, don't delay, apply today!


WHAT WE ARE LOOKING FOR:
• (a) Seven (7) years of professional-level evaluative, analytical and planning experience involving Information Security and/or Privacy. OR (b) A Bachelor's Degree in Business or Public Administration, Behavioral or Social Sciences, Finance, Political Science or a related field AND Four (4) years of professional-level evaluative, analytical and planning experience involving Information Security and/or Privacy. OR (c) A Master’s Degree in Business or Public Administration, Behavioral or Social Sciences, Finance, Political Science or a related field AND Three (3) years of professional-level evaluative, analytical and planning experience involving Information Security and/or Privacy. OR (d) A Doctor’s Degree in Business or Public Administration, Behavioral or Social Sciences, Finance, Political Science or a related field AND Two (2) years of professional-level evaluative, analytical and planning experience involving Information Security and/or Privacy.
• Experience developing information security risk, security and privacy policies and procedures.
• Successful completion of information security risk, information security, privacy, and/or audit certifications including CRISC, CIPP, CISA, CISSP, CISM or equivalent is preferred.
• Expert-level knowledge of concepts, methodologies and techniques to lead the development of agency-wide information security risk, privacy and security policies and procedures.
• Strong working knowledge of agency-specific and statewide information security risk, security and privacy policies.
• Audit and compliance experience, as well as knowledge of public records laws and e-discovery.
• Extensive knowledge of computer technology and information security risk.
• Familiarity with the Project Management Body of Knowledge (PMBOK).
• Excellent written and verbal communication and presentation skills.
• Experience in promoting a culturally competent and diverse work environment.

Complete details: https://oregon.wd5.myworkdayjobs.com/en-US/SOR_External_Career_Site/job/Salem--Fairview-Industrial-Drive-3991---OHA/Information-Security-Risk-Coordinator_REQ-17575