**WE ARE OPEN TO BOTH INTERMEDIATE AND SENIOR LEVEL APPLICANTS**
The Office of Cyber Security ensures cyber security risks to the confidentiality, integrity, and availability of Penn State Health (PSH) and College of Medicine (COM) information are identified, assessed, and maintained at acceptable levels. This is accomplished through the measurement of risk and communication of the risk management framework.
The Cyber Risk Management Specialist (CRMS) is responsible for ensuring operational excellence of cyber security risk management activities, including but not limited to:
Performing technical risk assessments on PSH and COM Information Systems using established processes
Ensuring communication and awareness of the PSH and COM Security Risk Management framework
Ensuring cyber risks are appropriately managed within risk appetite tolerance and limits
Contributing to the aggregation and reporting of cyber risk metrics and information
Supporting cyber security strategies and reporting
Acting as a subject matter expert for cyber risk management and engaging with cross-functional teams
Intermediate Level Qualifications:
A Bachelor's degree in computer science, cybersecurity, information technology or in a related field AND 4 years of experience in cyber risk management. OR 8 total years of experience and education.
S enior Level Qualifications:
A Bachelor's degree in computer science, cybersecurity, information technology or in a related field AND 8 years of experience in cyber risk management. OR 12 total years of experience and education.
Proven understanding of cyber security risk assessment and risk management procedures and methodologies
Ability to correlate enterprise risk with appropriate administrative, physical, and technical security controls
Experience using and/or managing a Governance, Risk, and Compliance (GRC) tool
Strong knowledge of cyber security principles, standards, practices, and technologies
Strong knowledge of industry and regulatory requirements (i.e., HIPAA, PCI, etc.)
Proven strong background in cyber security and operational processes
This job description is a general outline of duties performed and is not to be misconstrued as encompassing all duties performed within the position. All individuals (including current employees) selected for a position will undergo a background check appropriate for the position's responsibilities.
Penn State Health is fundamentally committed to the diversity of our faculty and staff. We believe diversity is unapologetically expressing itself through every person's perspectives and lived experiences. We are an equal opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to age, color, disability, gender identity or expression, marital status, national or ethnic origin, political affiliation, race, religion, sex (including pregnancy), sexual orientation, veteran status, and family medical or genetic information. If you are unable to use our online application process due to an impairment or disability, please call 717-531-8440 between the hours of 8:30 AM and 4:30 PM, Eastern Standard Time, Monday - Friday, email email@example.com or download our Accommodation Instructions for Job Applicants PDF for more detailed steps for assistance.
Internal Number: 19519
About Penn State Health
At Penn State Hershey, our mission is to enhance the quality of life and serve our community through improved health, the education of health professionals, and the discovery of knowledge. For us, service excellence is not only for our patients but also our employees. It means valuing each and every employee.