HTM Information Security Analyst

This is an onsite position based in Rochester and will be affiliated with the Third-Party Risk Management (TPRM) Program. Consideration will be given to other locations, but the candidate must be located or relocate to where they are able to be onsite periodically.

The incumbent will serve as a TPRM Navigator for HTM serving the Practice and Facility’s divisions. The incumbent should possess outstanding customer service skills and a comprehensive knowledge of information security, networking, and medical / facility’s equipment. The incumbent's main duty will be to facilitate the TPRM process for the Practice, business proponents, manufacturers; and also cooperate with the Office of Information Security, the Risk Domains and other TPRM navigators.

We are seeking a skilled analyst with expertise in reporting and analytical tools, large-structured databases, and medical / facility device inventory data. The analyst will develop a comprehensive reporting / analytics program, including dashboards, metrics, KPIs, and reporting requirements. Excellent communication skills are essential. The ideal candidate should have a desire to learn and implement new automation and AI technologies, knowledge of frameworks and methodologies, and be innovative and creative.

The Information Security Analyst serves as a liaison between technology and the business including various oversight committees. The Information Security Analyst understands the following : Industry standard information security concepts, Organizational Change Management, Project Management and Business Analysis. The Information Security Analyst has basic experience and is building skills in : Integrating multiple disciplines (e.g., business / systems process analysis, data analysis, data informatics, risk management, regulatory requirements, and technology) for strategic and operational planning. Applying problem-solving methods, planning techniques, continuous improvement, project management, and analytical tools and methodologies to achieve Mayo goals. Conducting information security assessments. Collaborating with others to address security questions and responding to customer inquiries. Ensuring appropriate treatment of cyber security risk and monitoring compliance to Mayo's Information Security policies, processes and procedures. Creating, supporting, and evaluating security prototypes. Administering Information Security processes and tools that enable the organization to operate effectively and efficiently. Creating, coordinating, conducting and / or evaluating training courses within pertinent subject domain. Drafting policies, processes and procedures. •Managing a varied workload of projects with multiple priorities. Staying current on information security, technology and healthcare trends and institutional changes. Developing interpersonal skills to include presentation, negotiation, influencing, team facilitation and written communications. Effectively managing time. Additional qualifications may apply (see additional experience and / or qualifications).