Breakthrough

The Information Security Senior Analyst has a broad understanding of information security concepts and how to apply and implement them. They serve as a liaison between Information Security, Information Technology, business representatives, and various oversight committees, assisting with developing, communicating, and achieving Mayo’s Information Security goals. The Information Security Senior Analyst is considered knowledgeable and skilled in industry standard information security concepts with particular focus on the NIST Cybersecurity Framework, or equivalent.
The Information Security Senior Analyst is knowledgeable, proficient, and experienced in:
•Integrating multiple disciplines (e.g., business / systems process analysis, data analysis, data informatics, riskmanagement, regulatory requirements, and technology) for strategic and operational planning.
•Using problem-solving methods, planning techniques, continuous improvement, project management, and analyticaltools and methodologies to achieve Mayo goals.
•Conducting information security assessments.
•Addressing information security questions and inquiries from business, clinical areas, and other OIS teams.
•Ensuring appropriate treatment of cybersecurity risk and monitoring compliance to Mayo’s Information Security policies,processes and procedures.
•Creating, supporting, and evaluating security prototypes.
•Administering Information Security processes and tools that enable the organization to operate effectively and efficiently
•Creating policies, processes and procedures and guiding them through the approval process.
•Handles a varied workload of projects with multiple priorities.
•Staying current on information security, technology and healthcare trends and institutional changes.
•Using excellent interpersonal skills to include presentation, negotiation, influencing, team facilitation and writtencommunications.
•Effectively managing time.
•Assists with directing the work of Analysts and Associate Analysts.
•Drafting communication of risk and complex cyber security topics to a diverse audience.
Additional qualifications may apply (see additional experience and/or qualifications):
• Organizational Change Management – particular focus on Procsi’s ADKAR model
• Project Management – particular focus on the Project Management Body of Knowledge (PMBOK)
• Business Analysis – particular focus is on the Business Analysis Body of Knowledge (BABOK)

Responsibilities also include:

• Remote Access Project Support:
• Managing vendor engagements and communications related to remote access
• Assist with RA risk scoring, controls, and mitigations and escalations
• Onboard/offboard vendor non-standard remote access
• Assist with inventory tracking
• Primary Engineer/Administrator on new approved remote access tool (Imprivata)
• Develop reporting and metrics using tools Power BI, Excel, or other data reporting tools
• Operational Support to manage vendor onboarding, incidents and ongoing maintenance of Imprivata.
  

Mayo Clinic will not sponsor or transfer visas for this position including F1 OPT STEM.

During the selection process you may participate in an OnDemand (pre-recorded) interview that you can complete at your convenience. During the OnDemand interview, a question will appear on your screen, and you will have time to consider each question before responding. You will have the opportunity to re-record your answer to each question - Mayo Clinic will only see the final recording. The complete interview will be reviewed by a Mayo Clinic staff member and you will be notified of next steps.

Master's degree in applicable field and 4 years' experience, or Bachelor’s degree in applicable field and 5 years’ experience.
Pertinent fields of study and experience includes (but is not limited to) the following: information security, operational analysis,
process change, electronic systems implementation, leadership, systems analysis and project management with broad-based
key enterprise initiatives.Must have one of the following certifications (or equivalent) at time of hire. In lieu of
certification at time of hire, candidate must pass the exam within three years and complete the certification process
once years of service requirements of the certifying body have been met.
• CISSP
• CISM
• HCISPP
• GSEC
• OSCP