Information Security Risk Analyst

  • Oregon Health Authority
  • Oct 10, 2018
Full time Information Systems Information Security

Job Description

The Oregon Health Authority is modernizing and expanding their IT infrastructure and currently has a fantastic opportunity for a Risk Analyst with Information Security to join an excellent team and work to advance information security and privacy within the Department of Human Services and the Oregon Health Authority (DHS|OHA). 

The Oregon Health Authority promotes health equity by developing policies and programs to eliminate health disparities and reach health equity for all Oregonians. 

The Department of Human Services (DHS) mission is the safety, health and independence for all Oregonians. We help Oregonians in their own communities achieve well-being and independence through opportunities that protect, empower, respect choice and preserve dignity.

What you will do!
As an Information Security Risk Analyst, you will provide support for the Information Security Risk Assessment program by maintaining the DHS|OHA risk register which is used to update senior agency managers on information security risks to agency assets, record treatment decisions, and to track and monitor mitigation activities. You will work under the guidance of the Information Security Officer (ISO). 

What's in it for you?
Collaboration in an open office with a team of bright individuals to work with and learn from. We offer full medical, vision and dental with paid sick leave, vacation, personal leave and ten paid holidays per year. If you are a Risk Analyst with Information Security experience, don't delay, apply today! 

This is a full-time, permanent position that is classified and represented by a union.
This position will be located in Salem at 3991 Fairview Industrial Drive SE. 


A Bachelor's Degree in Business or Public Administration, Behavioral or Social Sciences, Finance, Political Science or any degree demonstrating the capacity for the knowledge and skills; AND two years of professional-level evaluative, analytical and planning experience related to Risk Analysis.  
Any combination of experience and education equivalent to five years of professional-level evaluative, analytical and planning experience related to Risk Analysis.  


  • Knowledge of computer technology, networking, information security, and privacy
  • Ability to analyze data to develop technical and executive reports and dashboards highlighting trends and conveying recommendations
  • Ability to build and maintain collaborative working relationships with colleagues, managers, and stakeholders
  • Excellent written and verbal communication and presentation skills
  • Self-starter able to work independently with limited oversight and demonstrated attention to detail 
  • Aware of information security requirements and frameworks (e.g. NIST SP 800-30 and 53, HIPAA, IRS Publication 1075) and prepared to become a subject matter expert in one or more of them
  • Proficiency with the Microsoft Office Suite (especially developing and maintaining reports using Excel) 
  • Familiar with the purpose of information security risk assessments 
  • Experience in promoting a culturally competent and diverse work environment 


Computer-Network Security



$50,652.00 - $73,944.00

Listing Logo