Cybersecurity Business Systems Analyst III HIPAA

Primary City/State:

Department Name:

Work Shift:

Job Category:

Health care is full of possibilities. Information Technology plays a pivotal role in excellent patient care at Banner Health. If you’re looking to leverage your abilities – you belong at Banner Health.  

Cybersecurity Governance, Risk, and Compliance (GRC) is a critical framework that helps organizations manage their operations with a clear understanding of risk while adhering to regulatory requirements. In the context of healthcare, GRC becomes even more vital when dealing with sensitive data, such as patient health information, which is governed by laws like HIPAA. Regular HIPAA assessments, which fall under the umbrella of GRC, ensure that an organization’s practices align with federal privacy and security regulations, preventing data breaches and ensuring the safety of protected health information (PHI). By performing these assessments, organizations can not only mitigate the risk of costly penalties but also build trust with clients and patients, demonstrating a commitment to privacy and security.

A typical day in the life of a Cybersecurity GRC Business Systems Analyst III involves assessing the organization's existing security policies and controls, evaluating potential risks to PHI, and conducting regular HIPAA compliance audits. You’ll work closely with cross-functional teams, helping them understand how to implement best practices to meet regulatory standards and improve the security posture of the organization. It’s a dynamic, problem-solving role that combines strategic thinking with practical application—no two days are alike, and every decision you make helps fortify the organization against emerging threats. From reviewing risk assessments to guiding the implementation of corrective actions, the impact of your work is felt throughout the company, making every day both challenging and rewarding.
 

Typically Monday - Friday 8am - 5pm AZ MST

This can be a remote position if you live in one of the following states: AL, AK, AR, AZ, CA, CO, FL, GA, ID, IN, IA, KS, KY, LA, MD, MI, MN, MS, MO, NE, NH, NV, NM, NY, NC, ND, OH, OK, OR, PA, SC, TN, TX, UT, VA, WA, WV, WI, & WY. 

POSITION SUMMARY
This position is responsible for delivering Cybersecurity objectives to plan and designing, developing, and implementing, efficient business, technical, financial, and operational practices or systems in support of core organizational functions and business processes. This includes gathering and analyzing data or requirements in support of business cases, proposed projects, and systems requirements. This individual is competent to work at the highest practical understanding of the Essential Functions across the Cybersecurity organization. You will be required to apply proven communication, analytical, technical, and problem-solving skills to help maximize the benefit of Cybersecurity practices and investments. Provides all customers, both internal and external, of Banner Health with excellent service experience by consistently demonstrating our core and leader behaviors each and every day.

CORE FUNCTIONS
1. Manage process enhancement and redesign efforts to streamline Cybersecurity delivery. Review and analyze the effectiveness and efficiency of existing systems and processes to develop strategies for improving or further leveraging, consolidating, or decommissioning.

2. Ability to work independently and as a team with minimal oversight to identify and establish scope and parameters of required analysis in order to define outcome criteria and deliver measurable actions as part of daily efforts as well as in projects.

3. Ability to determine key data points from raw data and generate information to create meaningful actionable metrics and represent at an executive level.

4. Ability to translate complex, technical specifications into understandable and actionable business requirements.

5. Ability to manage financial planning processes and deliver financial results and reporting including month end, total cost of ownership, ROI, and CBA.

6. Conduct research to make recommendations and to support decision making with the ability to communicate effectively at all levels of the organization.

7. Provides guidance, direction, and oversight for compliance with all federal, state, and local mandated information security laws, rules, and guidelines. Remain current with the latest industry information.

8. Ability to interpret, evaluate, manage, and strategize vendor relationships.

9. Under general direction, this position is responsible for Cybersecurity across multiple departments system-wide and requires interaction at all levels of staff and management.

MINIMUM QUALIFICATIONS

Must possess strong knowledge of business, cybersecurity, information technology and/or computer science as normally obtained through the completion of a bachelor's degree. Certification may be required in at least one of the following areas within one year of entering the position. Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Systems Security Certified Practitioner (SSCP), Payment Card Industry - Internal Security Assessor (PCI-ISA), Certified in Risk and Information Systems Control (CRISC), HealthCare Information Security & Privacy Practitioner (HCISSP), CompTIA Security+ or other certification designated by the Information Security Leader.

Must possess four years of experience in a healthcare or related environment or an equivalent combination of relevant education, technical, business and healthcare experience. Must demonstrate expertise in information technology and healthcare. Needs experience in medium to large scale project planning and reporting either individually or in a team. Requires communication and presentation skills to engage technical and non-technical audiences. Requires ability to communicate and interact across facilities and at various levels. Ability to balance project workloads with customer support and on-call demands. As is typical in this industry, variable shifts and hours and carrying/responding to a pager may be required.

Demonstrate proficiency with the Microsoft Suite of products and other tools depending on position requirements.

PREFERRED QUALIFICATIONS
Advanced degree may substitute for work experience.

Additional related education and/or experience preferred.

EEO Statement:

EEO/Female/Minority/Disability/Veterans

Our organization supports a drug-free work environment.

Privacy Policy:

Privacy Policy