- Schedule - Shift - Hours: Full Time - Day Shift - M - F
At Moffitt Cancer Center, we strive to be the leader in understanding the complexity of cancer and applying these insights to contribute to the prevention and cure of cancer. Our diverse team of over 9,000 is dedicated to serving our patients and creating a workspace where every individual is recognized and appreciated. For this reason, Moffitt has been recognized on the 2023 Forbes list of America’s Best Large Employers and America’s Best Employers for Women, Computerworld magazine’s list of 100 Best Places to Work in Information Technology, DiversityInc Top Hospitals & Health Systems and continually named one of the Tampa Bay Times’ Top Workplaces. Additionally, Moffitt is proud to have earned the prestigious Magnet designation in recognition of its nursing excellence. Moffitt is a National Cancer Institute-designated Comprehensive Cancer Center based in Florida, and the leading cancer hospital in both Florida and the Southeast. We are a top 10 nationally ranked cancer center by Newsweek and have been nationally ranked by U.S. News & World Report since 1999.
Working at Moffitt is both a career and a mission: to contribute to the prevention and cure of cancer. Join our committed team and help shape the future we envision.
Summary
Senior Cyber GRC Analyst
Position Highlights:
- Primarily responsible for safeguarding information system assets from intentional or inadvertent disclosure, modification, disruption, or destruction. Manages and monitors the Cybersecurity mitigation, remediation, and risk register process.
Responsibilities:
- Perform assessment and continuous monitoring of compliance with cybersecurity policies and standards across the enterprise, including third-party vendors.
- Assist with the completion of the annual security risk assessment.
- Assess and monitor the status of risk associated with applications/systems. Develop recommendations and remediation plans to reduce risk to an acceptable level. Periodically update key stakeholders and system managers regarding the cybersecurity hygiene of assets they are responsible for managing.
- Develop metrics and compliance dashboards to measure effectiveness of security controls and vulnerability remediation. Support resolution of issues discovered during examinations, internal audits, compliance reviews, and self-testing findings. Monitor, coordinate, support, and document remediation activities and escalate issues as necessary.
- Evaluate requests provided to GRC via ServiceNow ticket or other avenues. Follow up with applicable parties, provide comments regarding recommended action and Risk Rating. Follow up as needed to address and resolve other applicable cybersecurity requests submitted.
- Evaluate applicable contracts and work with legal and any other applicable stakeholders to ensure the appropriate Cybersecurity language is included in the contract.
- Review requests and provide risk management support as needed to ensure Moffitt's data and resources are adequately protected. Learn, develop, and advance GRC knowledge through practical experience and ongoing training to promote efficiency, effectiveness, and maturity of the control environment. Implement the internal policies, procedures, processes, controls, and risk statements, identifying and implementing enhancements for increased efficiency in processes, controls, and related documentation.
- Build positive relationships and partner with teams in IT, Compliance, Clinical, Research, etc. to continuously improve our internal security culture and external awareness of Moffitt's security program.
- Support process enhancement and redesign efforts to streamline Cybersecurity delivery. Review and analyze the effectiveness and efficiency of existing systems and processes to develop strategies for improving or further leveraging, consolidating, or decommissioning.
Credentials and Experience:
- Bachelor’s Degree – field of study: Information Systems, Information Security, Computer Science related degree or equivalent experience.
- Minimum of five (5) years of progressive experience with leading security initiatives, supporting audits; monitoring, reporting, and assessing risk.
- In lieu of a Bachelor’s degree, an additional 4 years of relevant experience, for a total of 9 years, may be considered.
- Hands-on experience with risk assessments, risk analysis, controls implementation/validation, and third-party vendor assessments.
Moffitt Cancer Center is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, or protected veteran or disabled status. We seek candidates whose skills, and personal and professional experience, have prepared them to contribute to our commitment to diversity and excellence.
Reasonable Accommodation
Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment. Moffitt endeavors to make moffitt.org/careers accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact one of the Human Resources receptionists by phone at 813-745-7899 or by email at HRReceptionists@moffitt.org. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. If you’d like more information on your EEO rights under the law, please click here.