Technical Specialist, Information Security Risk Analyst – Senior Position Available In Wake, North Carolina
Tallo's Job Summary:
Job Description
Technical Specialist, Information Security Risk Analyst – Senior
Title Technical Specialist, Information Security Risk Analyst – Senior
Location Raleigh, NC (Remote) Duration 12 Months
Interview Type Webcam Interview Only
Job Type C2C,W2
Job Description
The North Carolina Health Information Exchange Authority is seeking a skilled Information Security Risk Analyst on a contract basis to lead the execution of its annual enterprise security risk assessment.
This engagement ensures compliance with industry-standard frameworks, supports proactive risk mitigation, & positions NC HIEA for future HITRUST certification.
Plan and conduct NC HIEA’s annual enterprise security risk assessment using
NIST SP 800-30, ISO
27005, or FAIR methodologies.
Ensure full alignment with
NIST SP 800-53
Revision 5, including: RA (Risk Assessment), AC (Access Control), SC (System Communications Protection), IR (Incident Response), and more.
Incorporate NIST Privacy Framework and
NIST SP 800-53
Rev. 5 privacy control families (AP, AR, DI, DM, IP, SE, TR, UL).
Build and maintain a comprehensive risk register, with treatment plans for mitigation, transfer, acceptance, or avoidance.
Map risks and mitigation efforts to
HITRUST CSF
control domains to support future certification
Develop and deliver documentation, dashboards, and executive summaries.
Collaborate with internal stakeholders to validate findings and support security governance efforts.
Skill
Required / Desired
Amount
of Experience
Experience in IT risk management, cybersecurity, or information security assessment.
Highly desired
5
Years
Demonstrated knowledge of
NIST SP 800-30, NIST SP 800-53
Rev. 5, and NIST Privacy Framework.
Highly desired
5
Years
Experience performing security and privacy risk assessments with documentation aligned to federal and state standards.
Highly desired
5
Years
Familiarity with HIPAA Security and Privacy Rules, and healthcare-specific risk domains.
Highly desired
5
Years
Experience with
HITRUST CSF
alignment or certification preparation.
Highly desired
5
Years
Strong written and verbal communication skills for technical and executive audiences.
Highly desired
5
Years Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
Report this job
Dice Id:
90925670
Position Id:
OOJ – 3372-2578-1746120846
