Cybersecurity Business Systems Analyst III

Department Name:

IT Cybersecurity GRC-Corp

Work Shift:

Day

Job Category:

Information Technology

Banner Health was named to Fortune’s Most Innovative Companies in America 2025 list for the third consecutive year and named to Newsweek's list of Most Trustworthy Companies in America for the second year in a row. We’re proud to be recognized for our commitment to the latest health care advancements and excellent patient care.

In this role as a Cybersecurity Business Systems Analyst III, you'll work closely with cross-functional teams to assess cybersecurity risk, validate control effectiveness, and ensure policy compliance across complex healthcare technology environments. While not designing systems directly, your strong understanding of cybersecurity architecture and healthcare IT will enable you to evaluate technical implementations, identify potential gaps, and ensure appropriate evidence is in place to support regulatory and security requirements. Your insights will help bridge the gap between technical teams and governance functions, ensuring that risk decisions are informed, accurate, and aligned with both business and compliance objectives.

We’re looking for candidates with experience in cybersecurity who thrive on building relationships with stakeholders, understanding their operational needs, and applying GRC principles to support secure and compliant business solutions. The ability to interpret technical environments and translate them into meaningful risk assessments and control validations is key to success in this role. The ideal candidate is a self-motivated, detail-oriented team player who excels in fast-paced, technically complex environments. You should be a strong communicator, passionate about continuous learning, and committed to improving processes and user satisfaction. If you’re excited about leveraging your cybersecurity expertise to protect healthcare systems and support architectural integrity through governance and risk analysis, we’d love to hear from you!

This is a remote position. In this role you would work Monday through Friday normal business hours 9am - 5pm AZ time zone and can be a remote position if you live in the following states only: AL, AK, AR, AZ, CA, CO, FL, GA, IA, ID, IN, KS, KY, LA, MD, MI, MN, MO, MS, NC, ND, NE, NH, NM, NV, NY, OH, OK, OR, PA, SC, TN, TX, UT, VA, WA, WI, WV & WY.

Your pay and benefits (Total Rewards) are important components of your Journey at Banner Health. Banner Health offers a variety of benefit plans to help you and your family. We provide health and financial security options, so you can focus on being the best at what you do and enjoying your life.

Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you'll find many options for contributing to our award-winning patient care.

POSITION SUMMARY
This position is responsible for delivering Cybersecurity objectives to plan and designing, developing, and implementing, efficient business, technical, financial, and operational practices or systems in support of core organizational functions and business processes. This includes gathering and analyzing data or requirements in support of business cases, proposed projects, and systems requirements. This individual is competent to work at the highest practical understanding of the Essential Functions across the Cybersecurity organization. You will be required to apply proven communication, analytical, technical, and problem-solving skills to help maximize the benefit of Cybersecurity practices and investments. Provides all customers, both internal and external, of Banner Health with excellent service experience by consistently demonstrating our core and leader behaviors each and every day.

CORE FUNCTIONS
1. Manage process enhancement and redesign efforts to streamline Cybersecurity delivery. Review and analyze the effectiveness and efficiency of existing systems and processes to develop strategies for improving or further leveraging, consolidating, or decommissioning.

2. Ability to work independently and as a team with minimal oversight to identify and establish scope and parameters of required analysis in order to define outcome criteria and deliver measurable actions as part of daily efforts as well as in projects.

3. Ability to determine key data points from raw data and generate information to create meaningful actionable metrics and represent at an executive level.

4. Ability to translate complex, technical specifications into understandable and actionable business requirements.

5. Ability to manage financial planning processes and deliver financial results and reporting including month end, total cost of ownership, ROI, and CBA.

6. Conduct research to make recommendations and to support decision making with the ability to communicate effectively at all levels of the organization.

7. Provides guidance, direction, and oversight for compliance with all federal, state, and local mandated information security laws, rules, and guidelines. Remain current with the latest industry information.

8. Ability to interpret, evaluate, manage, and strategize vendor relationships.

9. Under general direction, this position is responsible for Cybersecurity across multiple departments system-wide and requires interaction at all levels of staff and management.


MINIMUM QUALIFICATIONS

Must possess strong knowledge of business, cybersecurity, information technology and/or computer science as normally obtained through the completion of a bachelor's degree. Certification may be required in at least one of the following areas within one year of entering the position. Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Systems Security Certified Practitioner (SSCP), Payment Card Industry - Internal Security Assessor (PCI-ISA), Certified in Risk and Information Systems Control (CRISC), HealthCare Information Security & Privacy Practitioner (HCISSP), CompTIA Security+ or other certification designated by the Information Security Leader.

Must possess four years of experience in a healthcare or related environment or an equivalent combination of relevant education, technical, business and healthcare experience. Must demonstrate expertise in information technology and healthcare. Needs experience in medium to large scale project planning and reporting either individually or in a team. Requires communication and presentation skills to engage technical and non-technical audiences. Requires ability to communicate and interact across facilities and at various levels. Ability to balance project workloads with customer support and on-call demands. As is typical in this industry, variable shifts and hours and carrying/responding to a pager may be required.

Demonstrate proficiency with the Microsoft Suite of products and other tools depending on position requirements.

PREFERRED QUALIFICATIONS
Advanced degree may substitute for work experience.

Additional related education and/or experience preferred.

Estimated Pay Range:

$40.91 - $68.19 / hour Banner Health is committed to pay equity and transparency. The posted compensation range is a reasonable estimate that extends from the lowest to the highest pay Banner Health in good faith believes it might pay for this particular job, based on the circumstances at the time of posting. This range is based on possible base salaries and does not include the value of our total rewards package. Actual pay determined at offer will be based on years of relevant work experience, education, certifications, skills, and geographic location, along with a review of current employees in similar roles to ensure pay equity is achieved and maintained.

EEO Statement:

EEO/Disabled/Veterans

Our organization supports a drug-free work environment.

Privacy Policy:

Privacy Policy