Lead Cyber Risk Management Analyst, Technology and Digital, FT, 8:30A - 5P

Baptist Health is the region's largest not-for-profit healthcare organization, with 12 hospitals, over 29,000 employees, 4,500 physicians and 200 outpatient centers, urgent care facilities and physician practices across Miami-Dade, Monroe, Broward and Palm Beach counties. With internationally renowned centers of excellence in cancer, cardiovascular care, orthopedics and sports medicine, and neurosciences, Baptist Health is supported by philanthropy and driven by its faith-based mission of medical excellence. For 26 years, we've been named one of Fortune's 100 Best Companies to Work For, and in the 2025-2026 U.S. News & World Report Best Hospital Rankings, Baptist Health was the most awarded healthcare system in South Florida, earning 63 high-performing honors.
What truly sets us apart is our people. At Baptist Health, we create personal connections with our colleagues that go beyond the workplace, and we form meaningful relationships with patients and their families that extend beyond delivering care. Many of us have walked in our patients' shoes ourselves and that shared experience fuels out commitment to compassion and quality. Our culture is rooted in purpose, and every team member plays a part in making a positive impact - because when it comes to caring for people, we're all in.
At Baptist Health, we're committed to supporting our employees at every stage of their journey, both personally and professionally. Our approach is rooted in a "grow our own" philosophy, designed to help our team members build meaningful, long-term careers with us, supported by benefits that make a real difference, including:

• Career growth and development opportunities, with clear pathways and ongoing support
• Comprehensive health and wellness resources that go beyond traditional benefits
• A wellness program that can help employees eliminate their medical plan deductible, reducing out-of-pocket healthcare costs
• Tuition reimbursement to support continued learning and advancement
• And so much more

Together, these benefits and others reflect our commitment to caring for our people, so they can build fulfilling careers with us while making a meaningful impact every day.

Description

The Lead Cyber Risk Management Analyst is an integral part of the Information Security team and helps improve the maturity level of technology risk practices across the enterprise, as the organization continues to grow at a rapid pace. The Analyst is responsible for adhering with regulatory guidance for identifying, managing, and reporting on risks impacting the organization's strategy and operations, consistent with a commitment to maintain a high standard of compliance with all applicable laws and regulations, as well as overall sound risk management. Works collaboratively with various stakeholders and levels across the organization to execute a risk-based methodology for identifying, measuring, and managing the various types of third-party and information risk to the organization. The Lead Cyber Risk Management Analyst is responsible for providing guidance to business decision-makers on issues and development of risk mitigation strategies. May develop or assist with evaluating policies, processes and standards to reduce risk, and ensure information confidentiality, integrity and availability. Estimated salary range for this position is $126148.63 - $163993.22 / year depending on experience.

Qualifications:
The Lead Cyber Risk Management Analyst is an integral part of the Information Security team and helps improve the maturity level of technology risk practices across the enterprise, as the organization continues to grow at a rapid pace. The Analyst is responsible for adhering with regulatory guidance for identifying, managing, and reporting on risks impacting the organization's strategy and operations, consistent with a commitment to maintain a high standard of compliance with all applicable laws and regulations, as well as overall sound risk management. Works collaboratively with various stakeholders and levels across the organization to execute a risk-based methodology for identifying, measuring, and managing the various types of third-party and information risk to the organization. The Lead Cyber Risk Management Analyst is responsible for providing guidance to business decision-makers on issues and development of risk mitigation strategies. May develop or assist with evaluating policies, processes and standards to reduce risk, and ensure information confidentiality, integrity and availability. Estimated salary range for this position is $126148.63 - $163993.22 / year depending on experience.Degrees:

• Bachelors.

Additional Qualifications:

• Min 10 yrs.
  exp in an information security risk management role.
• Bachelor's in Computer Science, Cyber Security or related field or 11 yrs.
  related work experience required.
• Requires a solid understanding & demonstrated exp working with info sec legal/regulatory requirements such as HIPAA, FIPA, & PCI-DSS as well as advanced knowledge & several yrs exp working with frameworks such as NIST, ISO, COBIT, or HITRUST.
• The position requires an advanced level of technical knowledge in the areas of network,operating system,database, identity mgmt, Internet/web, cloud & endpoint security,.
• Exp with industry standard enterprise risk assessment & mgmt solutions is required.
• Ability to partner/influence others to build consensus utilizing strong analytical skills & demonstrated aptitude for identifying/interpreting enterprise risks & mitigating controls including evolving risks,threats,vulnerabilities,impact, & emerging technologies.
• Excellent written, oral & presentation skills & an ability to synthesize info to assist in making clear,concise recommendations on courses of action or mitigation.
• Ability to effectively prioritize & maintain focus on multiple tasks while working in an agile environment with diverse stakeholders as well as an ability to work both independently/part of a team.
• Cert such as CISSP,CRISC,CISM,CISA,CSX-P, CAP are desirable.

Minimum Required Experience: 10 YearsDegrees:

• Bachelors.

Additional Qualifications:

• Min 10 yrs.
  exp in an information security risk management role.
• Bachelor's in Computer Science, Cyber Security or related field or 11 yrs.
  related work experience required.
• Requires a solid understanding & demonstrated exp working with info sec legal/regulatory requirements such as HIPAA, FIPA, & PCI-DSS as well as advanced knowledge & several yrs exp working with frameworks such as NIST, ISO, COBIT, or HITRUST.
• The position requires an advanced level of technical knowledge in the areas of network,operating system,database, identity mgmt, Internet/web, cloud & endpoint security,.
• Exp with industry standard enterprise risk assessment & mgmt solutions is required.
• Ability to partner/influence others to build consensus utilizing strong analytical skills & demonstrated aptitude for identifying/interpreting enterprise risks & mitigating controls including evolving risks,threats,vulnerabilities,impact, & emerging technologies.
• Excellent written, oral & presentation skills & an ability to synthesize info to assist in making clear,concise recommendations on courses of action or mitigation.
• Ability to effectively prioritize & maintain focus on multiple tasks while working in an agile environment with diverse stakeholders as well as an ability to work both independently/part of a team.
• Cert such as CISSP,CRISC,CISM,CISA,CSX-P, CAP are desirable.

Minimum Required Experience: 10 Years