Senior Cyber Risk Analyst

Passionate about precision medicine and advancing the healthcare industry? Recent advancements in underlying technology have finally made it possible for AI to impact clinical care in a meaningful way. Tempus' proprietary platform connects an entire ecosystem of real-world evidence to deliver real-time, actionable insights to physicians, providing critical information about the right treatments for the right patients, at the right time. As a Senior Cyber Risk Analyst at Tempus AI, you will be the driving force behind our Cyber Risk Management Program, serving as the primary custodian of the organization's Cyber Risk Register. Your expertise in integrating cyber risk management practices within a fast-paced, health-tech environment will be crucial to providing leadership with clear visibility into our cyber risk posture and ensuring the continuous security and compliance of our platforms. What You'll Do Cyber Risk Register Management & Program Intake Own the Risk Lifecycle: Serve as the primary owner for the "care and feeding" of the Cyber Risk Register. Oversee the end-to-end lifecycle of cybersecurity risks, including identification, logging, analysis, treatment tracking, and closure. Risk Quantification & Scoring: Apply standardized risk assessment methodologies to accurately calculate risk impact/severity, likelihood/occurence, and controls/detectability, ensuring risks are prioritized effectively. Executive Reporting & Enterprise Alignment Metrics & Dashboards: Develop and maintain intuitive risk dashboards and Key Risk Indicators (KRIs). Provide clear, data-driven reports to the Director of Data Security, the CISO, and executive leadership regarding our current risk posture and remediation progress. ERM Integration: Actively support the broader Enterprise Risk Management (ERM) program by translating technical cyber risks into business impacts, ensuring seamless reporting to ERM leadership. Strategic Security Initiatives M&A Due Diligence: Provide technical expertise during Mergers and Acquisitions (M&A). Conduct pre-acquisition security risk analyses and ensure post-acquisition inherited risks are properly ingested into the Cyber Risk Register and tracked to remediation. Global Compliance Support: Coordinate with Technology, Legal, and Security teams to ensure risk mitigation efforts align with required regulatory standards (e.g., HIPAA, HITRUST, GDPR, ISO 27001) Qualifications Experience: 5 years of technical experience in information security, risk management, or GRC within the technology, AI, or healthcare industries. Domain Expertise: Deep understanding of cybersecurity principles, threat landscapes, and control frameworks (e.g., NIST CSF, NIST 800-53, ISO 27001, HITRUST). Risk Management Mastery: Proven track record of building, maintaining, or heavily contributing to a Cyber Risk Register. Experience with risk quantification methodologies and leading GRC platforms (e.g., ServiceNow GRC, RSA Archer, AuditBoard, or similar). Project & Stakeholder Management: Exceptional ability to manage multiple concurrent programs, working proactively to align multi-disciplinary stakeholders toward secure outcomes. Communication Skills: Excellent written and verbal communication skills. You must possess the unique ability to act as a "translator" of risk—taking complex technical vulnerabilities and clearly articulating the business risk to diverse teams of biologists, medical professionals, engineers, operators, and data scientists. #LI-HR1 #LI-Hybrid CHI: $105,000-$120,000 The expected salary range above is applicable if the role is performed from Illinois and may vary for other locations (California, Colorado, New York). Actual salary may vary based on qualifications and experience. Tempus offers a full range of benefits, which may include incentive compensation, restricted stock units, medical and other benefits depending on the position. We are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Tempus was founded in August of 2015 by Eric Lefkofsky, after his wife was diagnosed with Breast Cancer. Shortly after he founded the company in an effort to bring the power of technology and artificial intelligence to cancer care, he convinced Ryan Fukushima to join as the company’s first employee. Ryan and Eric began assembling a world class team, focused on building the first version of a platform capable of ingesting real time healthcare data in an effort to personalize diagnostics. We built the platform for oncology and have expanded it to neuropsychiatry, cardiology, infectious disease (through COVID), and radiology. Despite our rapid growth, our mission remains the same—to help make sure patients are on the right drug at the right time, so they can live longer and healthier lives. We’re looking for people who can change the world. Who question the status quo and don’t shy away from tough problems. For the builders who are never done building and the learners who are never done learning. We’re looking for passionate people with undying curiosity. Those who want to attack one of the most challenging problems mankind has ever faced. Head on.

Salary : $105,000 - $120,000