At the heart of CommonSpirit Health's ministry are the national office departments that provide the foundational support, resources, and expertise that empower local communities to focus on what they do best—caring for patients. Our teams bring together expertise in clinical excellence, operations, finance, human resources, legal, supply chain, technology, and mission integration.

Guided by our faith-based values, the national office fosters consistency, alignment, and innovation across CommonSpirit. By centralizing expertise and leveraging economies of scale, we enable each location to operate efficiently while maintaining flexibility to address unique local community needs. From advancing digital solutions to driving health equity, these departments extend the healing presence of humankindness everywhere we serve.

This is a remote position.

Job Summary

The purpose of the Cyber Analyst – IT Audit position is to support internal IT, external and payer audit responses, including coordination, submission, and evidence gathering.  This person must be confident, independent, detail oriented.  The incumbent will engage with members of the operations and leadership teams across Cybersecurity.

The Cyber Analyst, IT Audit position will report to the Policy & Assurance Manager position, as part of the IT Audit team for the greater CommonSpirit organization.

Job Responsibilities:

• Receive, coordinate and submit timely responses to external and payer audits.
• Assist in gathering comprehensive evidence in support of all audit requests as required.
• Work with Legal, coordinating special requests and contract reviews.
• Document detailed steps taken during response, remediation and coordination efforts to ensure clear tracking.
• Support the IT Audit lifecycle, including documentation, follow-up, and continuous tracking of audit activities, validation of IT Audit closure issues, closing documentation and facilitating timely submittal.
• Prepare and deliver leadership reporting on audits, assessments, surveys and findings.
• Demonstrate strong knowledge of SOC1 and SOC2 reports and the related control frameworks.
• Apply a foundational understanding of HIPAA, NIST 2.0, CIS 18, and standard cybersecurity principles.

• Bachelors Preferred
• 2 or more relevant technical/professional security certifications preferred.
• 2-3 years IT Audit- Cybersecurity required.

Soft Skills Required: 

• Strong analytical, problem-solving and presentation skills with attention to detail.
• Excellent communication skills, both written and verbal, with the ability to convey complex concepts to non-technical stakeholders at all levels of the organization.
• Ability to work independently and manage multiple tasks effectively.
• Strong organizational skills and the ability to prioritize tasks.
• Ability to work collaboratively in a team environment with internal and external stakeholders.
• General knowledge of Cybersecurity principles required.
• Knowledge of Google Suite and Service Management preferred.

#LI-Remote

#LI-CSH