Information Security Risk Analyst

About the position The Information Security Risk Analyst will support the Information Security Risk Management team in executing vendor risk reviews, managing Information Security policy exceptions, and contributing to the development and automation of risk processes. This role is critical in helping Corewell Health identify, evaluate, and mitigate information security risks across internal systems and third-party vendors. The analyst will work closely with business units, digital services, and external partners to ensure compliance with regulatory standards and internal policies. Responsibilities • Conduct internal and vendor Information Security risk reviews using the Health Insurance Portability and Accountability Act (HIPAA) and NIST Cyber Security Frameworks. • Support the Information Security policy exception process, including intake, documentation, and coordination of approvals through Integrated Risk Management (IRM) platform. • Assist in the development and refinement of risk action plans, tracking remediation efforts, and reporting on residual risk. • Collaborate with stakeholders to gather technical and business context related to risk reviews and policy exceptions. • Looks for opportunities to learn from more experienced Security Analysts. • Actively participates in safety initiatives and risk mitigating measures where appropriate and completes all position and unit safety related competencies and requirements on a timely basis. • Performs other duties as assigned. Requirements • Bachelor's degree in Information Systems, Cybersecurity, or related field • 2 or more years of experience in information security, risk management, compliance, or other relevant experience • Familiarity with risk frameworks (NIST CSF, HIPAA, etc.) • Detailed knowledge of system security principles and technology Nice-to-haves • Experience working with risk automation platforms such as ServiceNow Integrated Risk Management • Healthcare experience, preferably at a covered entity • Knowledge of cloud security and hybrid IT environments Benefits • Comprehensive benefits package to meet your financial, health, and work/life balance goals. • On-demand pay program powered by Payactiv • Discounts directory with deals on the things that matter to you, like restaurants, phone plans, spas, and more! • Optional identity theft protection, home and auto insurance, pet insurance • Traditional and Roth retirement options with service contribution and match savings • Eligibility for benefits is determined by employment type and status Apply tot his job