Trinity Health logo
Trinity Health

Trinity Health is a multi-institutional healthcare network that serves over 30 million people with compassionate healing services. The health system was formed

Senior Security Risk Management Consultant

Location

United States

Posted

22 hours ago

Salary

0

Seniority

Senior

Job Description

Senior Security Risk Management Consultant

Trinity Health

Role Description The Senior Security Risk Management Consultant serves as a strategic advisor, liaison, and subject matter expert, driving enterprise-wide security risk management strategies that support Trinity Health’s mission and operational excellence. This role partners with senior leadership, security, IT, and business stakeholders to identify, assess, and mitigate cybersecurity risks while ensuring alignment with organizational priorities and regulatory requirements. - Leading complex risk assessments - Guiding risk treatment strategies - Influencing enterprise decision-making - Strengthening overall risk posture through governance, metrics, and continuous improvement Qualifications - Bachelor’s degree or an equivalent combination of education and experience - One or more security certifications: CISSP, ISSA, CISA, CISM, CRISC, GRCP or equivalent - Minimum of seven (7) years of progressive experience in information services including three (3) years working in cybersecurity governance, risk, and compliance (GRC) - Minimum of three (3) years of progressively responsible experience in healthcare and/or other regulated industries - Strong knowledge of the HIPAA Security Rule and applicable industry security regulations - Proven knowledge of enterprise security principles and practices - Working knowledge of one or more information security regulations and/or frameworks - HIPAA, ISO 27001/2, FISMA, FIPS, HITRUST and NIST security - Experience with GRC platforms (e.g., ServiceNow GRC, RSA Archer, OneTrust, or similar) - Excellent oral and written communication skills - Proficiency in performing third-party risk assessments and negotiating contractual security language - Proven ability to apply appropriate project management methodology - Ability to operate in an ambiguous and highly matrix organizational structure Requirements - Actively building skills in courageous, authentic leadership - Ability to manage multiple and ever-changing priorities - Some knowledge of and experience with clinical application systems - Proven ability to operate with speed and focus - Must demonstrate a strong commitment to continuous personal and professional growth - Ability to work independently and manage multiple priorities Benefits - Rooted in our Mission and Core Values, we honor the dignity of every person - We are an Equal Opportunity Employer - All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other status protected by federal, state, or local law Physical and Mental Requirements and Working Conditions - This position operates in a typical office environment - The area is well lit, temperature-controlled, and free from hazards - Incumbent communicates frequently, in person and over the telephone - Remote office must be set up to maintain confidentiality and privacy of business and clinical information - Manual dexterity is needed to operate a keyboard - Hearing is needed for extensive telephone and in-person communications - Must be capable of traveling in the course of completing project assignments - Frequent overtime is required to meet deadlines - Must be able to travel to the various Trinity Health sites as needed (10% or less)

Related Categories

Related Job Pages

More Security Engineer Jobs

PLACE logo

Security Engineer

PLACE

Everything Home - All in one PLACE

Security Engineer23 hours ago
Full TimeRemoteTeam 201-500Since 2020H1B Sponsor

• Configure and operate security scanning tools to effectively identify and analyze vulnerabilities • Remediate infrastructure vulnerabilities as they appear and put in place process to preemptively avoid recurrence • Triage, investigate, and escalate security alerts with remediation recommendations • Document procedures, best practices, and technical security standards • Collaborate with internal and external engineering teams to optimize alert rules and monitoring coverage • Provide technical thought leadership regarding the security of networks and systems • Identify scanning and monitoring gaps as well as ensuring all our dependencies are being fully audited • Support debug/testing and remediation management to enhance infosec posture • Participate in an after-hours on-call rotation to investigate and triage security alerts • Develop a deep knowledge of organizational systems, environments, and security tools • Ensure that products and services meet established security standards set by the company • Monitor networks and systems for intrusions and implement protection and recovery methods • Identify and advise on security risks associated with new development or system changes • Assist in providing access to users and applications using our security standards and best practices

United States
$140K - $180K / year
Quisitive logo

Digital Security Coach

Quisitive

You envision the future of your business. We take you there.

Full TimeRemoteTeam 501-1,000H1B No Sponsor

• Lead recurring customer security coaching sessions, including tactical reviews, advisement sessions, and executive-level security discussions. • Review threats, incidents, posture trends, identity risks, compliance insights, and Microsoft security telemetry to identify meaningful areas for improvement. • Translate technical findings into clear, business-focused recommendations, roadmaps, and next steps. • Partner with MDR/SecOps, Customer Success Managers, consultants, and analysts to align customer priorities, risks, workstreams, and communication plans. • Help customers improve their understanding of their security environment and the effectiveness of their tools, processes, and controls. • Review and provide guidance across Microsoft security capabilities, including Microsoft Defender XDR, Microsoft Sentinel, Microsoft Entra ID, Microsoft Purview, Conditional Access, MFA, PIM, email security, insider risk, and cloud app governance. • Build and maintain customer-specific security roadmaps tied to licensing, budget, risk priorities, compliance drivers, and measurable outcomes. • Conduct security architecture and adoption planning to help customers optimize the value of their Microsoft tools and licenses. • Analyze security trends and make recommendations related to external and internal threats, including malware, identity-based risk, data leakage, and attack surface reduction. • Prepare advisement materials, tactical decks, quarterly executive summaries, and customer-facing recommendations using evidence from dashboards, analytics tools, KQL queries, reports, and telemetry trends. • Guide client conversations toward additional security enhancements, roadmap initiatives, and continuous improvement opportunities. • Monitor customer security issues, escalations, and requests, validating context and converting learnings into repeatable guidance. • Contribute to playbooks, best practices, and coaching materials while mentoring supporting consultants or analysts as needed.

United States
Smartsheet logo

Senior Security Engineer I – Customer Trust

Smartsheet

Founded in 2005, Smartsheet offers collaborative work management and process automation to empower greater enterprise productivity. A leading cloud-based platfo

• Own US customer trust operations: Manage intake, triage, prioritization, and completion of customer security questionnaires, vendor risk assessments, and RFIs for US-based customers. • Respond to customer security inquiries with technical depth: Complete questionnaires accurately, respond to RFIs, and address customer security concerns with responses that demonstrate understanding of Smartsheet's architecture and security controls. • Manage questionnaire queue and ensure SLA compliance: Maintain visibility into pending assessments, track completion timelines, and escalate delays. Keep customers informed of progress and manage expectations. • Build customer relationships and provide security assurance: Become a trusted resource for customer security teams. Understand their compliance requirements, ask clarifying questions, and provide responses that build confidence in Smartsheet's controls. • Support US sales teams: Work with sales and customer success teams to remove security-related deal blockers, provide compliance assurance materials, and accelerate customer buying cycles. • Escalate and collaborate on complex assessments: Identify questions requiring specialized expertise (AI security, FedRAMP, HIPAA, specific control implementations) and escalate appropriately. Work cross-functionally to gather evidence and provide comprehensive responses. • Understand industry-specific compliance: Respond to questions about HIPAA, NIST, state privacy laws (CCPA, etc.), PCI DSS, and sector-specific requirements relevant to customer industries. • Drive process improvements: Identify opportunities to improve questionnaire completion efficiency, update response templates, and recommend changes that benefit the team and customer experience.

United States
$145K - $210K / year
Mollica IT logo

Senior SAP Security Consultant – GRC/AC

Mollica IT

Recrutando talentos de tecnologia & conectando histórias

Full TimeRemoteTeam 11-50Since 2013H1B No Sponsor

• Gather and analyze requirements together with business areas; • Convert functional requirements into technical requirements, preparing high- and low-level architecture documents; • Participate in alignment meetings and requirements-gathering sessions with business users; • Facilitate Fit-to-Standard workshops; • Validate requirements in the system and in the SAP Fiori application library, ensuring end-to-end coverage of functionalities in Solution & Architecture documents; • Execute exploratory testing to ensure consistency of functional design documents; • Update design documents during functional testing, defect remediation, integration testing, and UAT; • Create, review, and update SAP authorization concepts; • Contribute to the creation and review of training materials; • Provide support during Hypercare activities; • Perform other routine activities within the area.

Brazil