The Joint Commission

Returning Candidate?

Sr IT Security Analyst

Sr IT Security Analyst

Job ID 
# of Openings 
Job Locations 
US-IL-Oakbrook Terrace
Information Technology

More information about this job


Under the supervision of the Director, Enterprise I.T. Security, the Senior Security Analyst / Auditor; under general direction, performs all procedures necessary to ensure the safety of IT systems data and IT assets. Protects systems from intentional or inadvertent access or destruction. Stays abreast of new and evolving security technologies, provides critical input to the development of the IT Security Strategy. Conducts reviews and audits of Information Technology departments at all subsidiaries of The Joint Commission. Review IT policies, guidelines and procedure documents to determine compliance and management controls. Review technical documentation, observe technical processes and observe development processes to identify problems and potential weaknesses/risks. Interviews process owners, vendors and consultants to assess the effectiveness of IT controls and management oversight. Prepare, organize and archive all reviews and audit work papers following industry and company standards for IT auditing, and maintain a high level of professionalism in all interaction with IT department and business personnel.  This position is critical in maintaining compliance across Joint Commission Enterprise systems.



  1. Four-year college degree and three to five years experience in the IT audit field required, Masters in IT Security related field preferred.
  2. Hand-on experience conducting IT Security, PCI, NIST or HIPAA audits required.
  3. Fluent in current IT Security trends with an eye on market/technical conditions and future direction. 
  4. Experience in defining new Security architectures and ability to drive an independent project from an architectural stand point
  5.  Experience with the use of the NIST Cybersecurity Framework and other IT Security principles.
  6.  Experience with automated audit administration applications, highly desirable.
  7.  Experience with Active Directory required.
  8.  CISSP, CISA or CIA certification preferred.
  9.  Strong documentation and presentation skills for both technical and audit reporting.
  10.  Polished oral communication skills.
  11. Strong decision making, problem solving, and systems integration skills required.
  12. Able to prioritize and meet deadlines required.
  13. Able to learn new skills as required via manuals, books, web sites, and co-workers required.
  14.  Handles potentially difficult situations with confidence.
  15. Is an energetic, motivated self-starter.
  16. Perform multiple tasks concurrently, work long hours as required and respond to emergency situations effectively.

Connect With Us!

Not ready to apply? Connect with us for general consideration.