Job Description Insight Global is looking for a highly motivated and experienced Cybersecurity Risk Analyst to support one of our largest healthcare clients on a fully remote 6-month contract-to-hire. The ideal candidate will be comfortable engaging with stakeholders across various business units, capable of independently guiding teams through risk rating and remediation processes and experienced in handling policy exceptions and drafting procedural documentation. Familiarity with platforms like ServiceNow for risk management and program building, and a solid understanding of regulations such as HIPAAincluding experience with HIPAA Security Assessments or Health Industry Cybersecurity Practices (HICP) assessmentsis preferred. Responsibilities include but are not limited to:  Conduct comprehensive risk assessments across applications, systems, and enterprise-wide initiatives to identify potential threats, vulnerabilities, and their impact on confidentiality, integrity, and availability of data.  Lead or support the execution of HIPAA Security Risk Assessments (SRA) and/or HICP assessments, including documenting findings, recommending corrective actions, and ensuring ongoing compliance.  Independently conduct risk rating for issues using ISO, COBIT, NIST frameworks in partnership with other stakeholders. Additionally, guide and facilitate diverse business units in performing their own risk ratings to help them understand risk implications and remediation priorities.  Collaborate with the stakeholders in developing and implementing risk mitigation strategies aligned with industry standards and best practices such as NIST, ISO 27001, and HIPAA.  Utilize Governance, Risk, and Compliance (GRC) toolsspecifically ServiceNowto manage risk registers, track remediation plans, automate workflows, and generate reports on risk status and compliance metrics.  Manage and oversee policy exception processes, including documentation, risk analysis, and tracking.  Stay current with the evolving threat landscape, regulatory changes, and emerging cybersecurity technologies to proactively identify and address potential risks.  Contribute to the continuous improvement of the organization's risk management program and cybersecurity posture.  Draft clear and actionable procedure documents and other risk-related documentation to support policy implementation and operational consistency.  Develop and deliver training and awareness programs to educate employees on cybersecurity risks, policies, and best practices.  Participate in incident response activities, providing risk analysis and remediation support as needed. Compensation while on contract: $35/hr - $55/hr Conversion salary range: $80k-$110k We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form (https://airtable.com/app21VjYyxLDIX0ez/shrOg4IQS1J6dRiMo) . The EEOC "Know Your Rights" Poster is available here (https://www.eeoc.gov/sites/default/files/2023-06/22-088\_EEOC\_KnowYourRights6.12ScreenRdr.pdf) . To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ . Skills and Requirements 3-5+ years of experience in cybersecurity risk management, including performing risk assessments at both application and enterprise levels.  Demonstrated expertise in conducting risk assessments and developing mitigation strategies aligned with HIPAA, NIST, and ISO 27001.  Relevant industry certifications such as CRISC, CISM, CISSP, or CISA.  Experience with HIPAA Security Risk Assessments and/or HICP assessments.  Proven ability to work independently, manage multiple projects, and collaborate with cross-functional teams.  Experience managing policy exceptions, including evaluating risks and ensuring proper documentation and approvals.  Skilled in drafting procedures and operational documentation related to cybersecurity risk and compliance processes.  Strong understanding of security principles, technical controls, and common attack vectors.  Excellent communication, interpersonal, and presentation skills with the ability to effectively engage technical and non-technical stakeholders across all levels.  Strong analytical, problem-solving, and critical thinking abilities. Bachelors degree in Cybersecurity, Information Technology, Computer Science, or a related fieldor equivalent industry training and certifications.  Hands-on experience with GRC platforms, particularly ServiceNow, including modules related to risk, compliance, and policy management.  Experience working in a regulated industry, particularly healthcare. null We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to HR@insightglobal.com.