Principal Information Security Analyst

CityRochester

StateMN

RemoteNO

DepartmentInformation Security

Why Mayo Clinic

Mayo Clinic is top-ranked in more specialties than any other care provider according to U.S. News & World Report. As we work together to put the needs of the patient first, we are also dedicated to our employees, investing in competitive compensation and comprehensive benefit plans – to take care of you and your family, now and in the future. And with continuing education and advancement opportunities at every turn, you can build a long, successful career with Mayo Clinic.

Benefits Highlights

• Medical: Multiple plan options.
• Dental: Delta Dental or reimbursement account for flexible coverage.
• Vision: Affordable plan with national network.
• Pre-Tax Savings: HSA and FSAs for eligible expenses.
• Retirement: Competitive retirement package to secure your future.

Responsibilities

The Principal Information Security Analyst provides senior-level leadership and hands-on oversight of the organization’s incident response program, ensuring consistent, high-quality execution of the incident response process from intake and triage through investigation, containment, eradication, recovery, and closure. This role partners closely with SOC operations, infrastructure and application protection teams, IAM, legal, privacy, and risk to coordinate timely response actions, deliver clear incident communications and executive-ready reporting, and ensure evidence and documentation meet internal standards and regulatory expectations. The Principal Analyst drives operational excellence through continuous improvement, including root cause analysis, after-action and lessons-learned reviews, and remediation tracking while strengthening preparedness by coordinating tabletop exercises and conducting periodic process and playbook reviews. In addition, the role performs access reviews, supports audits by compiling and validating control evidence, and elevates team capability by assisting in development training for incident responders. Stays current with emerging threats, attack techniques, and AI/ML advancements in cybersecurity.
The Information Security Principal Analyst has a broad understanding of information security concepts and how to apply and implement them. They serve as a liaison between Information Security, Information Technology, business representatives, and various oversight committees, assisting with developing, communicating, and achieving Mayo's Information Security goals. The Information Security Principal Analyst is considered an expert, leader, and mentor who is highly skilled in industry standard information security concepts with particular focus on the NIST Cybersecurity Framework, or equivalent. The Information Security Principal Analyst is knowledgeable, proficient, and experienced in: Integrating multiple disciplines (e.g., business / systems process analysis, data analysis, data informatics, cybersecurity concepts, risk management, regulatory requirements, and technology) for strategic and operational planning. Using problem-solving methods, planning techniques, continuous improvement, project management, and analytical tools and methodologies to achieve Mayo goals. Leading risk analysis and information security assessments with focus on planning, information gathering, and remediation planning and monitoring. Serving as an expert for information security questions and inquiries. Ensuring appropriate management of cybersecurity risks in alignment with standards. Monitoring compliance to Mayo's Information Security policies, processes and procedures. Managing and administering Information Security processes and tools that enable the organization to operate securely, effectively and efficiently. Creating, coordinating, conducting and/or evaluating training courses within pertinent subject domain. Creating policies, processes and procedures and guiding them through the approval process. Managing a varied workload of complex projects with multiple priorities. Staying current on information security, technology and healthcare trends and institutional changes. •Exhibiting excellent interpersonal skills which include presentation, negotiation, influencing, team facilitation and written communications. Effectively manages time, provides mentorship and leadership to others. Communicating risk and complex cyber security topics to a diverse audience. Authoring high-level business and technical documentation. Additional qualifications may apply (see additional experience and/or qualifications): Organizational Change Management - particular focus on Procsi's ADKAR model, Project Management - particular focus on the Project Management Body of Knowledge (PMBOK), Business Analysis - particular focus is on the Business Analysis Body of Knowledge (BABOK).
Mayo Clinic will not sponsor or transfer visas for this position including F1 OPT STEM.

Qualifications

Master's degree in applicable field and 5 years' experience, or Bachelor's degree in applicable field and 8 years' experience. Pertinent fields of study and experience includes (but is not limited to) the following: information security, operational analysis, process change, electronic systems implementation, leadership, systems analysis and project management with broad-based key enterprise initiatives.
Demonstrated history of continuing education in technology, information security, healthcare, and business processes. Excellent interpersonal skills to include presentation, negotiation, influencing, team facilitation and written communications skills are required. Experienced with committee and consensus-managed, physician led organization. Exceptional time management and leadership skills are required.
Must have one of the following certifications (or equivalent) at time of hire. CISSP, CISM, HCISPP, GSEC, OSCP or equivalent.

Exemption Status
Exempt
Compensation Detail
$134,347.20 - $194,750.40 / year
Benefits Eligible
Yes
Schedule
Full Time
Hours/Pay Period
80
Schedule Details
Monday -Friday 8AM to 5PM CT, nights and weekends as needed
Weekend Schedule
Nights and weekends as needed
International Assignment
No
Site Description

Just as our reputation has spread beyond our Minnesota roots, so have our locations. Today, our employees are located at our three major campuses in Phoenix/Scottsdale, Arizona, Jacksonville, Florida, Rochester, Minnesota, and at Mayo Clinic Health System campuses throughout Midwestern communities, and at our international locations. Each Mayo Clinic location is a special place where our employees thrive in both their work and personal lives. Learn more about what each unique Mayo Clinic campus has to offer, and where your best fit is.

Equal Opportunity

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, protected veteran status or disability status. Learn more about the "EOE is the Law". Mayo Clinic participates in E-Verify and may provide the Social Security Administration and, if necessary, the Department of Homeland Security with information from each new employee's Form I-9 to confirm work authorization.

Recruiter
Ted Keefe