Job Title: Sr. Information Security (InfoSec) Analyst - Risk and Compliance


City of Hope, an innovative biomedical research, treatment and educational institution with over 4000 employees, is dedicated to the prevention and cure of cancer and other life-threatening diseases and guided by a compassionate, patient-centered philosophy.

Founded in 1913 and headquartered in Duarte, California, City of Hope is a remarkable non-profit institution, where compassion and advanced care go hand-in-hand with excellence in clinical and scientific research. City of Hope is a National Cancer Institute designated Comprehensive Cancer Center and a founding member of the National Comprehensive Cancer Network, an alliance of the nation's 20 leading cancer centers that develops and institutes standards of care for cancer treatment.


Reporting to the Information Security Risk and Compliance Manager, theInformation Security Risk and Compliance Senior Analyst is responsible for security risk activities management, security policy management and security incident response & security awareness. In addition, the incumbent will oversee and support security administration activities, including monitoring and reporting security activity, user access reviews, internal and external audit requests, vulnerability management and physical/logical security system administration. The Senior Analyst is responsible for identifying risks relating to information security, IT risk management, IT governance, Compliance, Payment Card Industry (PCI), Incident response and Vendor Risk management. The role also directs the adoption and implementation of policies and procedures across the enterprise.

Additionally this role will work with the Security Engineering and Architecture team, responsible for ensuring overall enterprise security architectural design complies with identified policies and procedures. This role will also be responsible for defining Enterprise Architecture processes such as the Enterprise Architecture process and for leading the integration of these processes with other related business and IT processes.


  • Lead or assist in the planning, implementation and introduction of projects for new systems, technologies, processes and procedures

  • Monitors information security risk through strict governance processes and procedures

  • Skilled collaboration with subject matter experts, business partners, business units, and executive leadership to ensure alignment of expectations

  • Experience with information security risk assessments

  • Ensure adherence to project schedules; monitor project milestones; and recommend resource allocation to avoid budget or schedule variances

  • Provide strategic reports for executive leadership, business stakeholders, and IT team

  • Collaborate with business units and vendors to build effective relationships and collaborative team environments


  • Perform current state risk assessments, continual risk assessments, gap analysis, risk metrics and reporting, risk convergence IT risk and control framework design, and integrated operational risk management

  • Identify and prioritize risk based on impact and likelihood, inherent vs residual

  • Maintain and monitor Information Security Risk Exception process to ensure identification of areas of high risk

  • Monitor and advise on information security issues related to the systems and workflow to ensure the internal security controls for the campus are appropriate and operating as intended

  • Provides coordination and support for execution of IT security projects

  • Monitors regulatory compliance with enterprise security policies and educates department leaders on compliance efforts

  • Create and manage an information security awareness program to customize communication tools and campaigns for each department and the roles

  • Coordinates business continuity planning efforts across departments

  • Understands the different levels of risk tolerance and risk exposure across the organization and balance this with risk investments

  • Sets standards and policies for information sharing on internal and external platforms

  • Collaborate with IT management, the legal department, safety and security, others to manage security vulnerabilities

  • Consults with program/project teams to fit solutions to architecture across all viewpoints

  • Understands, advocates, and supports the enterprise's business and IT strategies

  • Ensures that the optimal governance structure and compliance activities (such as exception requests) are associated with identified risks

  • Analyzes industry, technology, and market trends to determine their potential impacts on the enterprise

  • Analyzes the current business and IT environment to detect critical deficiencies and recommends solutions for improvement

  • Proactively shares knowledge of technology risks and opportunities to improve efficiency and effectiveness of the Cyber Security and Enterprise ArchitectureS/he partners with business leadership and other key stakeholders to define opportunities and prioritize IT Business Requests and projects based on predefined criteria (e.g. return on investment, productivity, compliance, legal, operational risk reduction, and contractual requirements)



  • Bachelor's Degree

  • Master's Degree (Preferred)

  • 5 years of experience of working in Information Security

  • Preferered oneor more industry certifications such as CISSP, CISM, CRISC, GSEC and CISA required within 6 months of hire

  • City of Hope strongly supports and values the uniqueness of all individuals and promotes a work environment where diversity is embraced. City of Hope is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with disability. *LI-DA | *CB-DA

      Login with Facebook

    Sr. Information Security (InfoSec) Analyst - Risk And Compliance Located At CA, Irwindale - Job Post By: City Of Hope

    [Browse Jobs] - [Back to Previous Page] - [Random Jobs]

    Featured Employers

    Bed Bath & Beyond BI-LO Brooks Running buybuy BABY
    C & S Companies Cabela's Incorporated Carbonite Carestream
    Central Community College Christmas Tree Shops City of Hope Community Health Center, Inc.
    Compass Group Datto DialogTech Foley Equipment
    Fresco Y Mas Harbor Freight Tools Harmon Harveys
    Information Services Group Integra LifeSciences InterContinental Hotels Group Interim HealthCare
    Interstate Batteries Keenan & Associates KPMG Morsco
    NeighborWorks America Nestle Purina O'Reilly Auto Parts OceanFirst Bank
    Office Depot Packaging Corporation of America Phillips 66 Schaedler Yesco Distribution, Inc.
    Shimadzu Scientific Instruments, Inc. South Jersey Industries Southeastern Grocers Sun National Bank
    Sutherland The Children's Village The Hanover Insurance Group The Nature Conservancy
    The Scotts Miracle-Gro Company tronc TSymmetry Union of Concerned Scientists
    US Ecology, Inc. Verisk 3E Vermeer Midwest Winn Dixie
    World Market YRCI