remote
Cybersecurity Business Systems Analyst II - Banner Health
Security Engineer
Analyze and manage cybersecurity risks for third‑party vendors, conduct security assessments, and ensure compliance with GRC frameworks while collaborating with contracting, legal, and security teams.
About the role
Key Responsibilities
- Perform comprehensive security assessments of prospective and existing vendors to identify and mitigate cyber risks.
- Maintain and update the third‑party risk management program in alignment with GRC policies and regulatory requirements.
- Collaborate with contracting, legal, and cybersecurity stakeholders to ensure contractual and technical controls are properly implemented.
- Document risk findings, produce remediation plans, and track remediation progress across the vendor lifecycle.
- Analyze risk data to produce metrics, dashboards, and reports for senior leadership.
Requirements
- 2+ years of experience in cybersecurity risk assessment, GRC, or third‑party risk management.
- Strong understanding of security frameworks (e.g., NIST, ISO 27001) and regulatory standards (e.g., HIPAA, GDPR).
- Proven ability to evaluate vendor security posture and communicate findings to both technical and non‑technical audiences.
- Excellent analytical, documentation, and presentation skills.
- Bachelor’s degree in Information Security, Computer Science, or related field, or equivalent experience.
Skills
- SIEM
- IAM
- Penetration testing