The site navigation utilizes arrow, enter, escape, and space bar key commands. Left and right arrows move across top level links and expand / close menus in sub levels. Up and Down arrows will open main level menus and toggle through sub tier links. Enter and space open menus and escape closes them as well. Tab will move on to the next part of the site rather than go through menu items.
As an Enterprise Security Risk Manager in BSWH, you will be part of a team who is assessing and managing the portfolio’s Third Party Information Security Risk across the organization. As part of your team, you will be responsible for supporting the Service Provider Technology Risk related initiatives and assessments, including core assessments of a Service Provider logical controls, Cloud environments, Web and Mobile applications. The ideal candidate should; have a good understanding of regulations that governs this space, be well versed in risk assessments, risk analysis, and have the ability in helping counterparts manage risk.
Job Summary & Responsibilities:
Support the Technology Risk Advisory function by understanding the business needs and helping to shape the Third Party Technology Risk strategy, be part of a team that assess risk and work with business units to manage risk portfolios.
Qualifications - External
RESPONSIBILITIES AND QUALIFICATIONS:
Have a good understanding of regulations that governs this space
Be well versed in risk assessments and a demonstrated ability in helping counterparts manage risk
Have in the past worked with legal to develop on an ongoing basis, review information security contractual requirements.
Understanding of well recognized risk management frameworks and a proven track record of implementation.
Working knowledge of regulatory landscape and information security management frameworks (e.g., HIPAA, HITECH, PCI; NIST, ISO 27000/27001).
Good understanding of information security controls, along with preferred and alternative implementations.
Have a technical knowledge of network infrastructure, cyber security risks, web, mobile application, and cloud environment.
Have a clear understanding of technology risk’s role in that process.
5 + years of relevant work experience
Proficient verbal and written communication skills
Bachelor of Science in Computer Science, System/Computer Engineering, Cyber-Security, Information Security, Information Technology or Risk Management is preferred
Prior experience in network security.
Prior experience in conducting risk assessments and audits
One or more of the following Certificates (Highly desirable): CISSP, CISA, CRISC, CISM.
- EDUCATION - Bachelors or Equivalent Exp
- EXPERIENCE - A minumum of 8 years experience required, 4+ managing people, 4+ in IS
Baylor Scott & White Health (BSWH) is the largest not-for-profit health care system in Texas and one of the largest in the United States. With a commitment to and a track record of innovation, collaboration, integrity and compassion for the patient, BSWH stands to be one of the nation’s exemplary health care organizations. Our mission is to serve all people by providing personalized health and wellness through exemplary care, education and research as a Christian ministry of healing. Joining our team is not just accepting a job, it’s accepting a calling!