TheSecurity Risk Analyst is responsible for assessing information risk, preparingsecurity plans of action and milestones (POAMs), and remediating identifiedvulnerabilities for IT security and IT risk across the UTHSC. Responsibilities include assessing thecurrent adequacy of the security strategy, business continuity /disasterrecovery plans, threats to systems,platforms, networks, data and information, and then calculating the impact ofpotential adverse events.
DUTIES AND RESPONSIBILITIES:
Designs and implements an overall risk management process for the UTHSC which includes an analysis of the impact on the UTHSC when risks occur.
Performs risk assessments: Analyzes and evaluates current risks and identifying potential risks.
Recommends improvements in current risk management controls and implementation of system changes and upgrades.
Provides reports, documentation, and recommendations for improvement tailored to relevant governance and stakeholders.
Initiates and conducts policy and compliance audits of information systems, platforms, operating procedures, and governance processes.
Assesses the current adequacy of the security strategy, business continuity /disaster recovery plans, threats to systems, networks, data and information.
Development and administration of outreach, communication, and training efforts pertaining information security risk, requirements, and solutions.
Assists in identifying security breaches and participates in the Incident Response process.
Performs other duties as assigned.
Internal Number: 175391
The mission of the University of Tennessee Health Science Center is to bring the benefits of the health sciences to the achievement and maintenance of human health, with a focus on the citizens of Tennessee and the region, by pursuing an integrated program of education, research, clinical care, and public service.