Healthcare Sec Risk Analyst jobs in United States
cer-icon
Apply on Employer Site
company-logo

University of Minnesota · 8 hours ago

Healthcare Sec Risk Analyst

positionMinneapolis, MN
timeFull-time
remoteHybrid
seniorityMid, Senior Level
money$110K/yr - $120K/yr
date4+ years exp

The University of Minnesota is committed to fostering local talent and is seeking a Healthcare Security Risk Analyst to enhance the information security posture of its Health Care Components. The role involves leading risk assessments, providing guidance on regulatory compliance, and collaborating with stakeholders to ensure effective risk management practices.

EducationHigher EducationUniversities
badNo H1Bnote

Responsibilities

Lead the information security risk management program within the University’s Health Care Components by identifying areas most in need of risk assessment, leading risk assessments with other information security risk analysts, and utilizing analysis from information security architects
Design and manage ongoing program improvements to ensure alignment with regulatory standards and best practices
Lead and coordinate multiple security risk assessments independently utilizing Information Security control structures such as: ISO 27001 / 27002, NIST 800-171; Health Industry Cybersecurity Practices (HICP): (805d), HITRUST; others; develop risk remediation plans and facilitate risk remediation efforts
Communicate risk assessment results and risk mitigation strategies to senior leaders
Analyzes trends from risks assessments to identify areas most in need of mitigation efforts
Provide consultation on information security regulations and standards, such as HIPAA and NIST, to various audiences; including guidance for department-level risk analysis procedures
Assist with development and maintenance of information security policies, procedures, standards and guidelines based on industry best practices and compliance requirements
Maintain alignment of HCC-specific written policy controls to industry standards (HICP, HITRUST, etc.)
Consult and provide quality assurance for information security reviews of vendors and suppliers
Work across the Health Care Components (HCC) with key stakeholders in helping to determine compliance needs
Coordinate with HIPAA Security Officer on key HCC needs and planning
Utilize a Governance, Risk, and Compliance (GRC) tool to develop and implement continuous monitoring processes, supporting ongoing compliance and driving continuous improvement in the organization's security posture
Provide leadership, training, and guidance for student workers in information security
Provide procedural and technical guidance to less experienced risk analysts
Works to project manage and build requirements for our Governance, Risk and Compliance system
Consult with administrative and collegiate units to address policy and process related information security risks identified through the information security gap analysis and exception management efforts

Qualification

Security risk assessmentHIPAA complianceInformation security standardsCISSP certificationCISA certificationAnalytical skillsConsultative skillsCommunication skillsInterpersonal skills

Required

Bachelor's degree and 4 years of relevant work experience or a master's degree plus at least 2 years of experience
Experience in security risk assessment
Strong analytical and problem solving skills
Relevant work experience in a health care environment
Excellent communication (oral, written, presentation), interpersonal and consultative skills with various stakeholders, including organizational leadership

Preferred

Experience in HIPAA security risk assessment, vendor assessment, HIPAA consultation or audit
Relevant work experience in a higher education environment with both research and clinical areas
Deep understanding of the HIPAA Security Rule, Privacy Rule and Breach Notification Rule
Knowledge of information security standards (e.g., ISO 27001/27002, NIST 800-171, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, PCI DSS, etc.)
CISSP, CISA, or other HIPAA security & privacy certifications

Benefits

Competitive wages, paid holidays, and generous time off
Continuous learning opportunities through professional training and degree-seeking programs supported by the Regents Tuition Benefit Program
Low-cost medical, dental, and pharmacy plans
Healthcare and dependent care flexible spending accounts
University HSA contributions
Disability and employer-paid life insurance
Employee wellbeing program
Excellent retirement plans with employer contribution
Public Service Loan Forgiveness (PSLF) opportunity
Financial counseling services
Employee Assistance Program with eight sessions of counseling at no cost
Employee Transit Pass with free or reduced rates in the Twin Cities metro area

Company

University of Minnesota

twittertwittertwitter
Glassdoor4.2
company-logo
University of Minnesota is an educational institution that offers master's and doctoral degrees in medicine, law, and engineering fields.
dateFounded in 1851
location
Minneapolis, Minnesota, USA
people-size10001+ employees
web-link
https://twin-cities.umn.edu

Funding

Current Stage
Late Stage
Total Funding
$97.08M
Key Investors
American Academy of Orthopaedic SurgeonsNational Science FoundationU.S. Environmental Protection Agency
2023-12-01Grant· $0.03M
2023-05-04Grant· $20M
2023-04-13Grant· $10M

Leadership Team

leader-logo
Shane Stennes
Chief Sustainability Officer
linkedin

Recent News

GlobeNewswire
$1.1 Billion Aerospace Complex, Nation’s Most Advanced Aerospace Testing Facility, Anchors Minnesota’s Strategy to Build the Next Economy
2026-01-16
Star Tribune
Opinion | Reflecting on yet another year of scientific fraud at the University of Minnesota
2026-01-03
Star Tribune
U of M donors chastise firings and upheaval in Medical School tussle
2025-12-17
Company data provided by crunchbase