Job Summary / Purpose

The purpose of the Associate Cybersecurity Analyst position is to support the Governance, Risk, and Assurance program’s risk assessment team for CommonSpirit.  This program is responsible for cybersecurity risk and governance including vendor risk assessment, internal security risk assessments, and medical device reviews.

The Associate Cybersecurity Analyst, Risk Assessment position will report to the Manager, Governance, Risk and Assurance as part of the Risk Assessment team, assessing and communicating the risk of software solutions and medical devices hosted or used by CommonSpirit Health as well as the risk from its vendors which host, process, or have access to sensitive CommonSpirit data assets.

Job Responsibilities

• Performs basic risk assessment tasks.
• Supports risk assessment initiatives
• Identifies, scores, documents, and reports on cybersecurity risks identified during the assessment process.
• Collaborates with internal stakeholders
• Perform other job duties as required.

• Bachelors Preferred or equivalent work experience required.
• Entry Level
• 0-2 years’ experience

Ideal candidates will have:

• A blend of technical knowledge (IT, security tools, frameworks like NIST or CIS).
• Soft skills (communication, analytical thinking, attention to detail).
• The ability to identify, evaluate, and remediate Cybersecurity risks.
• Familiarity with risk management processes, compliance standards (GDPR, HIPAA).