Principal Information Security Analyst

Mayo Clinic•Rochester, MN

About The Position

The Principal Information Security Analyst provides senior-level leadership and hands-on oversight of the organization’s incident response program, ensuring consistent, high-quality execution of the incident response process from intake and triage through investigation, containment, eradication, recovery, and closure. This role partners closely with SOC operations, infrastructure and application protection teams, IAM, legal, privacy, and risk to coordinate timely response actions, deliver clear incident communications and executive-ready reporting, and ensure evidence and documentation meet internal standards and regulatory expectations. The Principal Analyst drives operational excellence through continuous improvement, including root cause analysis, after-action and lessons-learned reviews, and remediation tracking while strengthening preparedness by coordinating tabletop exercises and conducting periodic process and playbook reviews. In addition, the role performs access reviews, supports audits by compiling and validating control evidence, and elevates team capability by assisting in development training for incident responders. Stays current with emerging threats, attack techniques, and AI/ML advancements in cybersecurity. The Information Security Principal Analyst has a broad understanding of information security concepts and how to apply and implement them. They serve as a liaison between Information Security, Information Technology, business representatives, and various oversight committees, assisting with developing, communicating, and achieving Mayo's Information Security goals. The Information Security Principal Analyst is considered an expert, leader, and mentor who is highly skilled in industry standard information security concepts with particular focus on the NIST Cybersecurity Framework, or equivalent.

Requirements

Broad understanding of information security concepts and how to apply and implement them
Serve as a liaison between Information Security, Information Technology, business representatives, and various oversight committees
Assisting with developing, communicating, and achieving Mayo's Information Security goals
Considered an expert, leader, and mentor
Highly skilled in industry standard information security concepts with particular focus on the NIST Cybersecurity Framework, or equivalent
Knowledgeable, proficient, and experienced in: Integrating multiple disciplines (e.g., business / systems process analysis, data analysis, data informatics, cybersecurity concepts, risk management, regulatory requirements, and technology) for strategic and operational planning
Knowledgeable, proficient, and experienced in: Using problem-solving methods, planning techniques, continuous improvement, project management, and analytical tools and methodologies to achieve Mayo goals
Knowledgeable, proficient, and experienced in: Leading risk analysis and information security assessments with focus on planning, information gathering, and remediation planning and monitoring
Knowledgeable, proficient, and experienced in: Serving as an expert for information security questions and inquiries
Knowledgeable, proficient, and experienced in: Ensuring appropriate management of cybersecurity risks in alignment with standards
Knowledgeable, proficient, and experienced in: Monitoring compliance to Mayo's Information Security policies, processes and procedures
Knowledgeable, proficient, and experienced in: Managing and administering Information Security processes and tools that enable the organization to operate securely, effectively and efficiently
Knowledgeable, proficient, and experienced in: Creating, coordinating, conducting and/or evaluating training courses within pertinent subject domain
Knowledgeable, proficient, and experienced in: Creating policies, processes and procedures and guiding them through the approval process
Knowledgeable, proficient, and experienced in: Managing a varied workload of complex projects with multiple priorities
Knowledgeable, proficient, and experienced in: Staying current on information security, technology and healthcare trends and institutional changes
Knowledgeable, proficient, and experienced in: Exhibiting excellent interpersonal skills which include presentation, negotiation, influencing, team facilitation and written communications
Knowledgeable, proficient, and experienced in: Effectively manages time, provides mentorship and leadership to others
Knowledgeable, proficient, and experienced in: Communicating risk and complex cyber security topics to a diverse audience
Knowledgeable, proficient, and experienced in: Authoring high-level business and technical documentation

Nice To Haves

Organizational Change Management - particular focus on Procsi's ADKAR model
Project Management - particular focus on the Project Management Body of Knowledge (PMBOK)
Business Analysis - particular focus is on the Business Analysis Body of Knowledge (BABOK)

Responsibilities

Provides senior-level leadership and hands-on oversight of the organization’s incident response program
Ensuring consistent, high-quality execution of the incident response process from intake and triage through investigation, containment, eradication, recovery, and closure
Partners closely with SOC operations, infrastructure and application protection teams, IAM, legal, privacy, and risk to coordinate timely response actions
Deliver clear incident communications and executive-ready reporting
Ensure evidence and documentation meet internal standards and regulatory expectations
Drives operational excellence through continuous improvement, including root cause analysis, after-action and lessons-learned reviews, and remediation tracking
Strengthening preparedness by coordinating tabletop exercises and conducting periodic process and playbook reviews
Performs access reviews
Supports audits by compiling and validating control evidence
Elevates team capability by assisting in development training for incident responders
Stays current with emerging threats, attack techniques, and AI/ML advancements in cybersecurity
Integrating multiple disciplines (e.g., business / systems process analysis, data analysis, data informatics, cybersecurity concepts, risk management, regulatory requirements, and technology) for strategic and operational planning
Using problem-solving methods, planning techniques, continuous improvement, project management, and analytical tools and methodologies to achieve Mayo goals
Leading risk analysis and information security assessments with focus on planning, information gathering, and remediation planning and monitoring
Serving as an expert for information security questions and inquiries
Ensuring appropriate management of cybersecurity risks in alignment with standards
Monitoring compliance to Mayo's Information Security policies, processes and procedures
Managing and administering Information Security processes and tools that enable the organization to operate securely, effectively and efficiently
Creating, coordinating, conducting and/or evaluating training courses within pertinent subject domain
Creating policies, processes and procedures and guiding them through the approval process
Managing a varied workload of complex projects with multiple priorities
Staying current on information security, technology and healthcare trends and institutional changes
Exhibiting excellent interpersonal skills which include presentation, negotiation, influencing, team facilitation and written communications
Effectively manages time, provides mentorship and leadership to others
Communicating risk and complex cyber security topics to a diverse audience
Authoring high-level business and technical documentation