SR Information Security Analyst - IS-Mod
The Senior Information Security Analyst plays a key role in advancing Mayo Clinic’s Data Protection Program by leading monitoring, alerting, and operational improvement activities focused on protecting Mayo Clinic Data. This position is responsible for identifying and analyzing potential data loss risks, coordinating response and escalation activities, developing metrics and reporting, and helping mature enterprise monitoring capabilities across multiple security platforms.
The Information Security Senior Analyst has a broad understanding of information security concepts and how to apply and implement them. They serve as a liaison between Information Security, Information Technology, business representatives, and various oversight committees, assisting with developing, communicating, and achieving Mayo’s Information Security goals. The Information Security Senior Analyst is considered knowledgeable and skilled in industry standard information security concepts with particular focus on the NIST Cybersecurity Framework, or equivalent.
The Information Security Senior Analyst is knowledgeable, proficient, and experienced in:
•Integrating multiple disciplines (e.g., business / systems process analysis, data analysis, data informatics, risk management, regulatory requirements, and technology) for strategic and operational planning.
•Using problem-solving methods, planning techniques, continuous improvement, project management, and analytical tools and methodologies to achieve Mayo goals.
•Conducting information security assessments.
•Addressing information security questions and inquiries from business, clinical areas, and other OIS teams.
•Ensuring appropriate treatment of cybersecurity risk and monitoring compliance to Mayo’s Information Security policies, processes and procedures.
•Creating, supporting, and evaluating security prototypes.
•Administering Information Security processes and tools that enable the organization to operate effectively and efficiently
•Creating policies, processes and procedures and guiding them through the approval process.
•Handles a varied workload of projects with multiple priorities.
•Staying current on information security, technology and healthcare trends and institutional changes.
•Using excellent interpersonal skills to include presentation, negotiation, influencing, team facilitation and written communications.
•Effectively managing time.
•Assists with directing the work of Analysts and Associate Analysts.
•Drafting communication of risk and complex cyber security topics to a diverse audience.
Additional qualifications may apply (see additional experience and/or qualifications):
• Organizational Change Management – particular focus on Procsi’s ADKAR model
• Project Management – particular focus on the Project Management Body of Knowledge (PMBOK)
• Business Analysis – particular focus is on the Business Analysis Body of Knowledge (BABOK)
This vacancy is not eligible for sponsorship/ we will not sponsor or transfer visas for this position. Also, Mayo Clinic DOES NOT participate in the F-1 STEM OPT extension program.
Master's degree in applicable field and 4 years' experience, or Bachelor’s degree in applicable field and 5 years’ experience.
Pertinent fields of study and experience includes (but is not limited to) the following: information security, operational analysis,
process change, electronic systems implementation, leadership, systems analysis and project management with broad-based
key enterprise initiatives.Must have one of the following certifications (or equivalent) at time of hire. In lieu of
certification at time of hire, candidate must pass the exam within three years and complete the certification process
once years of service requirements of the certifying body have been met.
• CISSP
• CISM
• HCISPP
• GSEC
• OSCP