Information Security Risk Analyst (Healthcare)

Project Description with background and purpose:

• Client is requesting to provide Information Technology (IT) consulting services for planning and coordination activities.
• The Contractor will develop project plans, timelines, and milestones for coordinating audit responses and following through on corrective action objectives and overall satisfaction with audit responses.
• The Contractor will also provide support in assessing the current data release process and look for opportunities to streamline the process and reduce touchpoints while still ensuring the data available is maintained securely and efficiently.
• The Contractor will collaborate with internal stakeholders to define data-sharing requirements and compliance, conduct gap analysis and recommend best practices. They will assist in enforcing data security, retention, and governance policies per the Statewide Information Management Manual (SIMM) and State Administrative Manual (SAM).
• The Contractor will identify any need for improvements for optimal purposes relating to data release and workflow. The Contractor will maintain copious information on data releases and audits for compliance purposes. Audit and project-related details, timelines, documents, and artifacts will be tracked in Jira and a Confluence workspace.
• The Contractor should be subject-matter expert (SME) with Jira, Jira Align, and/or Atlassian Confluence, as well as a SME in Agile methodology.

Mandatory Qualification:

• 5 years of experience applying analytical processes on IT projects. At least three 3 years of that experience must have been in business systems analysis and design.
• Possess a bachelor s degree. 
• 3 years of experience analyzing data classification, retention policies, and access controls.
• 3 years of experience conducting risk assessments, control testing environments, and developing mitigation plans.
• 3 years of experience conducting Joint Application Development (JAD) sessions with key stakeholders and subject matter experts, working in audit and IT teams.
• Experience in aligning solutions to business and IT requirements. Possess excellent oral and written communication skills.
• Experience with state and federal frameworks - National Institute of Standards and Technology (NIST) 800.53, ITIL, SIMM 5305, and retention policies.
• Strong understanding of and working with cross-functional teams within IT and Audits.
• Experience in data governance tools and technologies like Alation, Informatica, or Collibra.
• Experience in identifying and scheduling project deliverables, milestones, and required activities and tasks.