Information Security Risk Analyst

Raleigh, North Carolina

 Crescens
Apply for this Job
Job Title: Information Security Risk Analyst
Location: Raleigh, NC
Duration: 12 Month Contract Position
Onsite Position

Job Description:
  • Ensure full alignment with NIST SP 800-53 Revision 5, including: RA (Risk Assessment), AC (Access Control), SC (System Communications Protection), IR (Incident Response), and more.
  • Incorporate NIST Privacy Framework and NIST SP 800-53 Rev. 5 privacy control families (AP, AR, DI, DM, IP, SE, TR, UL).
  • Build and maintain a comprehensive risk register, with treatment plans for mitigation, transfer, acceptance, or avoidance.
  • Map risks and mitigation efforts to HITRUST CSF control domains to support future certification
  • Develop and deliver documentation, dashboards, and executive summaries.
  • Collaborate with internal stakeholders to validate findings and support security governance efforts.
Required Skills
  • Experience in IT risk management, cybersecurity, or information security assessment.
  • Demonstrated knowledge of NIST SP 800-30, NIST SP 800-53 Rev. 5, and NIST Privacy Framework.
  • Experience performing security and privacy risk assessments with documentation aligned to federal and state standards.
  • Familiarity with HIPAA Security and Privacy Rules, and healthcare-specific risk domains.
  • Experience with HITRUST CSF alignment or certification preparation.
  • Strong written and verbal communication skills for technical and executive audiences
Date Posted: 13 May 2025
Apply for this Job
Show me similar jobs
Send me jobs by email