Senior Information Security Analyst – Risk

Responsible for leading risk assessment initiatives of internal and external applications/solutions to
determine their adherence to Piedmont’s Policies, Standards and industry best practices. Leading the
development, implementation and management of all activities related to Piedmont Healthcare System’s
Information Security Governance, Risk and Compliance Program. Develops enterprise information
security policies, technical standards, guidelines, and procedures necessary to support information
security in compliance with established company policies, regulatory requirements, and generally
accepted information security controls.

Qualifications
MINIMUM EDUCATION REQUIRED:
Bachelor’s degree in Information Security or related field required.
In lieu of degree, four (4) years of relevant work experience will be accepted in addition to the experience
requirement.
MINIMUM EXPERIENCE REQUIRED:
Four (4) years of experience in Information Security or a closely related field involving Security standards
and regulations (such as HIPAA, PCI-DSS 3.2, ISO 27001, HITRUST and NIST) with a solid
understanding of network security protocols and methodologies.
(If no degree, a total of four (8) years of experience required.)
MINIMUM LICENSURE/CERTIFICATION REQUIRED BY LAW:
None.
ADDITIONAL QUALIFICATIONS:
Certified in one of more of the following area(s):
Certified Information Systems Security Professional (CISSP), Healthcare Certified Information
Security
and Privacy Professional (HCISPP), GIAC Security Essentials Certified (GSEC), Certified in Risk and
Information Systems Control (CRISC), Certified Information Systems Auditor (CISA) or equivalent
certification.
Strong project management skills with leadership experience in an IT Support Organization preferred.