Information Security GRC Anyls
3 days ago
At Houston Methodist, the Information Security Governance, Risk, and Compliance (GRC) Analyst is responsible for managing risks related to information security, privacy, and regulatory compliance within an organization. This role involves developing and implementing policies, assessing risks, ensuring compliance with industry standards and regulations, and implementing control measures to mitigate risks. Key responsibilities include conducting risk assessments, developing risk mitigation strategies, monitoring compliance with frameworks such as ISO 27001, GDPR, NIST, and SOX, conducting vendor risk assessments, and collaborating with different departments to manage risks and ensure compliance. The GRC Analyst also creates and maintains information security standards, conducts gap analyses, and prepares for regulatory examinations.
PEOPLE ESSENTIAL FUNCTIONS- Gathers feedback for continuous improvements on established employee and technology policies from IT and business partners.
- Communicates risk findings and recommendations that are clear and actionable to all stakeholders.
SERVICE ESSENTIAL FUNCTIONS
- Creates, maintains, and communicates information security standards.
- Facilitates the remediation of control gaps and escalates critical issues to leadership.
- Prepares for and facilitates examinations by security assessors for regulations.
QUALITY/SAFETY ESSENTIAL FUNCTIONS
- Assesses and reports on the risks and benefits for the business, as well as the mandates for the supplier compliance.
- Evaluates the effectiveness of the information security program by developing and analyzing compliance metrics.
FINANCE ESSENTIAL FUNCTIONS
- Advises leadership on risk management strategies, including risk mitigation and risk transfer.
- Maintains and registers relevant suppliers/vendors, controls, and risks for ongoing vendor risk management activities.
GROWTH/INNOVATION ESSENTIAL FUNCTIONS
- Identifies, analyzes, evaluates, and documents information security risks and controls based on established risk criteria.
- Conducts third-party risk assessments and recommends control to mitigate identified risks.
- Coordinates architecture reviews as part of third-party risk assessments.
- Designs and documents technical, administrative, and physical controls to ensure compliance.
- Assists with the review of information security sections within supplier contract and recommends necessary changes.
- Takes a best practice approach to information security to balance secure operations with innovation.
This job description is not intended to be all-inclusive; the employee will also perform other reasonably related business/job duties as assigned. Houston Methodist reserves the right to revise job duties and responsibilities as the need arises. EDUCATION
- Bachelor's degree in information security, information technology, computer science or other related technology degree
WORK EXPERIENCE
- Five years of Risk and/or Governance, Risk & Compliance experience. An additional three years of experience required in lieu of level 2 certification in assigned area of concentration
- CISSP - Certified Information Systems Security Professional (IISSCC) OR
- CRISC - Certified Risk and Information Systems Control (ISACA)
- Demonstrates the skills and competencies necessary to safely perform the assigned job, determined through on-going skills, competency assessments, and performance evaluations
- Sufficient proficiency in speaking, reading, and writing the English language necessary to perform the essential functions of this job, especially with regard to activities impacting patient or employee safety or security
- Ability to effectively communicate with patients, physicians, family members and co-workers in a manner consistent with a customer service focus and application of positive language principles
- Understanding of relevant laws, regulations, and standards
- Knowledge of best practices for developing and implementing compliance programs
- Ability to analyze complex data and identify trends or discrepancies related to compliance and risk
- Proficient in both written and verbal communication to convey compliance issues and policies clearly
SUPPLEMENTAL REQUIREMENTS
WORK ATTIRE
- Uniform No
- Scrubs No
- Business professional Yes
- Other (department approved) No
ON-CALL*
*Note that employees may be required to be on-call during emergencies (ie. DIsaster, Severe Weather Events, etc) regardless of selection below.
- On Call* No
TRAVEL**
**Travel specifications may vary by department**
- May require travel within the Houston Metropolitan area Yes
- May require travel outside Houston Metropolitan area Yes
Company Profile:
Houston Methodist is one of the nation’s leading health systems and academic medical centers. Houston Methodist consists of eight hospitals: Houston Methodist Hospital, its flagship academic hospital in the heart of the Texas Medical Center, and seven community hospitals throughout the greater Houston area. Houston Methodist also includes an academic institute, a comprehensive residency program, a global business division, numerous physician practices and several free-standing emergency rooms and outpatient facilities. Overall, Houston Methodist employs more than 27,000 employees and is supported by a wide variety of business functions that operate at the system level to help enable clinical departments to provide high quality patient care.
Houston Methodist is an Equal Opportunity Employer.
Equal employment opportunity is a sound and just concept to which Houston Methodist is firmly bound. Houston Methodist will not engage in discrimination against or harassment of any person employed or seeking employment with Houston Methodist on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or other characteristics protected by law. VEVRAA Federal Contractor – priority referral Protected Veterans requested.
-
Information Security GRC Anyls
7 hours ago
Houston, United States Houston Methodist Full timeInformation Security GRC Anyls at Houston Methodist summary: The Information Security Governance, Risk, and Compliance (GRC) Analyst at Houston Methodist is tasked with managing information security risks and ensuring compliance with regulations. This role involves developing policies, conducting risk assessments, and collaborating across departments to...
-
Information Security GRC Anyls
3 days ago
Houston, United States Houston Methodist Full timeAt Houston Methodist, the Information Security Governance, Risk, and Compliance (GRC) Analyst is responsible for managing risks related to information security, privacy, and regulatory compliance within an organization. This role involves developing and implementing policies, assessing risks, ensuring compliance with industry standards and regulations, and...
-
Information Security GRC Anyls
2 days ago
Houston, TX, United States Houston Methodist Full timeAt Houston Methodist, the Information Security Governance, Risk, and Compliance (GRC) Analyst is responsible for managing risks related to information security, privacy, and regulatory compliance within an organization. This role involves developing and implementing policies, assessing risks, ensuring compliance with industry standards and regulations, and...
-
Information Technology Security Manager
2 weeks ago
Houston, United States Search Services Full timeSUMMARY: A well-known Houston entity is seeking an experienced Information Technology Security Manager to join their team.RESPONSIBILITIES: A well-known Houston entity is seeking an experienced Information Technology Security Manager to join their team. In this role, you will be responsible for cybersecurity programs and activities across the organization in...
-
Information Technology Security Manager
1 day ago
Houston, United States Search Services Full timeSUMMARY: A well-known Houston entity is seeking an experienced Information Technology Security Manager to join their team.RESPONSIBILITIES: A well-known Houston entity is seeking an experienced Information Technology Security Manager to join their team. In this role, you will be responsible for cybersecurity programs and activities across the organization in...
-
Chief Information Security Officer
2 weeks ago
Houston, United States NES Fircroft Full timeJob DescriptionPrimary Purpose: A Leading energy infrastructure company, is seeking an experienced and strategic Chief Information Security Officer (CISO) to join their mission-driven and innovative organization. The CISO will be responsible for creating and managing an enterprise-wide cybersecurity program, playing a crucial role in safeguarding Sempra...
-
Chief Information Security Officer
4 weeks ago
Houston, United States NES Fircroft Full timeJob DescriptionPrimary Purpose: A Leading energy infrastructure company, is seeking an experienced and strategic Chief Information Security Officer (CISO) to join their mission-driven and innovative organization. The CISO will be responsible for creating and managing an enterprise-wide cybersecurity program, playing a crucial role in safeguarding Sempra...
-
Houston, United States Sempra LNG Full timePrimary Purpose: Sempra Infrastructure, a leading energy infrastructure company, is seeking an experienced and strategic Chief Information Security Officer (CISO) to join their mission-driven and innovative organization. The CISO will be responsible for creating and managing an enterprise-wide cybersecurity program which will play a crucial role in...
-
Houston, United States Sempra LNG Full timePrimary Purpose: Sempra Infrastructure, a leading energy infrastructure company, is seeking an experienced and strategic Chief Information Security Officer (CISO) to join their mission-driven and innovative organization. The CISO will be responsible for creating and managing an enterprise-wide cybersecurity program which will play a crucial role in...
-
Houston, TX, United States NES Global Talent Full timeCompetitiveUnited States Texas HoustonPermanent IT Job Description Primary Purpose: A Leading energy infrastructure company, is seeking an experienced and strategic Chief Information Security Officer (CISO) to join their mission-driven and innovative organization. The CISO will be responsible for creating and managing an enterprise-wide cybersecurity...
-
Houston, United States Sempra Services Corporation Full timePrimary Purpose Sempra Infrastructure, a leading energy infrastructure company, is seeking an experienced and strategic Chief Information Security Officer (CISO) to join their mission-driven and innovative organization. The CISO will be responsible for creating and managing an enterprise-wide cybersecurity program which will play a crucial role in...
-
Information Security Professional
4 weeks ago
Houston, Texas, United States Vets Hired Full timeAbout the RoleVets Hired is seeking a highly skilled Information Security Professional to join our team as a Cybersecurity Analyst II. This role will be responsible for protecting our computer networks and information by utilizing resources and tools.Key ResponsibilitiesWe are looking for someone with a willingness to exhibit Wellbys Core Values every day,...
-
Information Security Manager
2 months ago
Houston, United States EnerMech Full timeAt EnerMech, we're seeking a dedicated Information Security Manager to strengthen and oversee our cybersecurity strategy. Join us in protecting critical infrastructure and supporting secure operations across global projects in the energy and engineering sectors.Benefits401(k) matching to help secure your financial future10 paid holidays to enjoy throughout...
-
Information Security Analyst
3 weeks ago
Houston, United States Raptor Technologies Full timeJob DescriptionJob DescriptionAbout Us!Founded in 2002, Raptor has partnered with more than 60,000 schools in 55 different countries, including 5,300+ K-12 US school districts, to provide integrated visitor, volunteer, attendance, dismissal, emergency management, and safeguarding software and services covering the complete spectrum of school and student...
-
Information Security Specialist
3 weeks ago
Houston, Texas, United States Bristow Group Full timeJob OverviewWe are seeking an experienced Cybersecurity Analyst - IT Compliance to join our team at Bristow Group.About the RoleThis is a key position within our Information Technology department, responsible for supporting the implementation and oversight of cybersecurity programs and incident management. The successful candidate will work closely with our...
-
Security Professional
4 weeks ago
Houston, Texas, United States iidon Security Associates Full timeJob TitleSecurity ProfessionalAbout the RoleWe are seeking a skilled Security Professional to join our team at iidon Security Associates. As a key member of our team, you will play a vital role in maintaining a safe and secure environment for our customers and employees.Job SummaryThis is a full-time position that requires standing for long periods, climbing...
-
Director of Information Security
1 week ago
Houston, Texas, United States KPMG Full timeAbout the JobAs a Director, Cyber at KPMG, you will be responsible for leading our clients' cybersecurity efforts, developing effective security strategies, and implementing cutting-edge solutions.About You:You have a minimum of 8 years of experience in information security or a related field.You possess exceptional leadership and communication skills, with...
-
Information Security Specialist
1 week ago
Houston, Texas, United States Binary Defense Full timeAbout the Cybersecurity Engineer RoleThe ideal candidate has hands-on experience with Cortex XSIAM, strong information security knowledge, and skills in system administration, scripting languages, and IT knowledge. They must be able to evaluate client environments, prioritize data sources, and provide log collection guidance. Additionally, they should have...
-
Information Security Strategist
1 week ago
Houston, Texas, United States NES Fircroft Full timeOverviewThe NES Fircroft is seeking an experienced and strategic Cybersecurity Leader to join their mission-driven organization. As a leading energy infrastructure company, they require a skilled professional to create and manage an enterprise-wide cybersecurity program.This role plays a crucial part in safeguarding Sempra Infrastructure's critical...
-
Information Security Architect III
1 month ago
Houston, United States Service Corporation International Full timeOur associates celebrate lives. We celebrate our associates. Consider the possibilities of joining a Great Place to Work! Assesses, evaluates, designs, and builds systems ensuring security requirements protect and secure the organization's data and software. Ensures that the security requirements necessary to protect the organization's mission and business...
