Inspired by faith. Driven by innovation. Powered by humankindness. CommonSpirit Health is building a healthier future for all through its integrated health services. As one of the nation’s largest nonprofit Catholic healthcare organizations, CommonSpirit Health delivers more than 20 million patient encounters annually through more than 2,300 clinics, care sites and 137 hospital-based locations, in addition to its home-based services and virtual care offerings. CommonSpirit has more than 157,000 employees, 45,000 nurses and 25,000 physicians and advanced practice providers across 24 states and contributes more than $4.2 billion annually in charity care, community benefits and unreimbursed government programs. Together with our patients, physicians, partners, and communities, we are creating a more just, equitable, and innovative healthcare delivery system.

The Cybersecurity Associate Analyst is primarily focused on supporting the national effort of aligning and enabling Cybersecurity across CommonSpirit regions and markets.  The associate analyst supports the design, development, and implementation of solutions to resolve high to complex difficulty technical and business issues related to information security such as:

• Support the delivery of cybersecurity guidance to best protect the organization from cyber threats and exposures as needed.
• Documentation, and coordination with other teammates and teams, assisting with response and recovery, and any necessary post-incident activities for cybersecurity investigation for incident response.
• Identify and leverage themes and trends to strategically remediate and/or partner with other cyber departments and serve the organization to reduce and resolve cybersecurity issues and risks. 
• Supporting and engaging in regional cyber activity and needs through partnership and direction with the Regional Cybersecurity Officer(s). 
• Processing tickets that involve providing guidance on Cyber policy, standards and guidelines.  

Job Responsibilities

• Analyze end user requests for access to blocked websites and USB devices by evaluating business needs against cyber risk and providing guidance and/or support, accordingly.
• Analyze security policy exception requests by working with requesters to evaluate the need for exception against potential alternative options and coordinating efforts to select the best path forward.
• Coordinate and support onsite or virtual security rounding of facilities, including hospitals, clinics and other clinical sites.
• Leverage cybersecurity, IT operations, and collaboration platforms such as Google Workspace, Service Management, Rapid 7 and Medigate to support metrics collection and analysis functions.
• Compile regional security metrics to support monthly, quarterly and annual trending of security vulnerabilities within regions and across the organization.
• Provide support and guidance to application and technology teams in their efforts to comply with CommonSpirit Health Cybersecurity policies, standards and procedures as they perform their systems implementation and operations activities.
• Foster positive relationships with stakeholders throughout CommonSpirit.
• Create and maintain both regional and market level reports that drive engagement, education and decisions for Cyber and Operational Leadership. 
• Compile regional and market level metrics for VM, Phishing, Exceptions to Policy/Rule Sets with Applications, HIPAA Assessment, Rounding Visit/Remediation and additional relevant metrics. 
• Provide an overview of the Region and detailed market level insights. 
• Support HIPAA Security Assessments as well as other assessment as assigned by: 
• attending kick-off calls
• conducting remediation follow-up
• Manage rounding findings and follow-ups with business/risk owners. 
• Prepare and maintain monthly slide decks for Regional Cyber focused calls. 
• Other duties as assigned. 

• Bachelors and 0-2 years’ experience Required or equivalent exp.