ZipRecruiter

Log In

1

Information Security Risk Manager Jobs in Tennessee

Covenant Health

SR RISK MANAGER

Knoxville, TN · On-site

Assists with release of records and information in response to subpoenas, court orders, attorney ... Assumes risk management on-call responsibility for the system as a part of the call rotation.

Oracle

Third-Party Security Advisor

Nashville, TN · On-site

Bachelor's degree in Information Security, Cybersecurity, Computer Science, Information Technology, Risk Management, Business, Supply Chain, Procurement, or a related field, or equivalent practical ...

next page

Showing results 1-20

All JobsInformation Security Risk JobsInformation Security Risk Manager JobsInformation Security Risk Manager Jobs in Tennessee

Information Security Risk Manager information

See Tennessee salary details

$56.7K

$123.5K

$181.5K

How much do information security risk manager jobs pay per year?

As of Jun 14, 2026, the average yearly pay for information security risk manager in Tennessee is $123,530.00, according to ZipRecruiter salary data. Most workers in this role earn between $100,300.00 and $145,700.00 per year, depending on experience, location, and employer.

SR RISK MANAGER

Covenant Health

Knoxville, TN • On-site

Full-time

Posted 5 days ago

Job description

Overview
Senior Risk Manager
Full Time, 80 Hours Per Pay Period, Day Shift
Covenant Health Overview:
Covenant Health is the region's top-performing healthcare network with 10 hospitals, outpatient and specialty services, and Covenant Medical Group, our area's fastest-growing physician practice division. Headquartered in Knoxville, Covenant Health is a community-owned integrated healthcare delivery system and the area's largest employer. Our more than 11,000 employees, volunteers, and 1,500 affiliated physicians are dedicated to improving the quality of life for the more than two million patients and families we serve every year. Covenant Health is the only healthcare system in East Tennessee to be named a Forbes "Best Employer" seven times.
Position Summary:
The senior risk manager is responsible for the facility's risk management activities, which include, but may not be limited to, managing claims against the facility, interfacing with defense legal counsel, administering the risk management program on a day-to-day basis, managing and analyzing risk management data, conducting risk management educational programs, complying with risk management related standards by The Joint Commission and other accrediting or regulatory agencies, all with the objective of maintaining patient safety, enhancing quality care, and minimizing loss to protect the assets of the facility. This individual participates in formulating policy and/or organizational changes. The senior risk manager performs these functions reporting to the corporate director of risk management directly and to a facility vice-president indirectly.
Responsibilities
  • Has full responsibility for operations of the risk management program at the facility.
  • Directs loss control/loss prevention activities and reports results to senior administration at the facility and the corporate risk department.
  • Supervises the statistical trending of losses and analyzes patterns.
  • Designs and implements risk management surveys and studies; conducts surveys, studies, and special projects to assist in long-term planning and changes to facility policies and systems that reduce risk and losses.
  • Responsible for identifying and communicating regulatory requirements.
  • Leads development of facility-wide approach on disclosure of medical errors and obtains physician support.
  • Submits recommendations for changes in the existing risk control and risk-financing procedures based on changes in properties, operations, or activities.
  • . Evaluates correspondence from attorneys, patients, and other outside sources, and formulates responses, as necessary.
  • Records, collects, documents, maintains, and communicates to corporate risk and/or attorney any information necessary to prepare testimony in pending litigation.
  • Assists with release of records and information in response to subpoenas, court orders, attorney requests, state and federal agency investigations, and other inquiries from outside sources.
  • Maintains risk case files and strives to maintain maximum protection from discoverability of such files.
  • Answers medical/legal inquiries of physicians, nurses, and administrators regarding emergent patient care issues and loss control.
  • Resolves treatment issues, including patient decisions made against medical advice (AMA), refusals of treatment, and consent issues; initiates court orders as appropriate via in-house and outside legal counsel.
  • Maintains awareness of legislative activities that may affect risk management programs and participates in the legislative process.
  • Leads and/or participates in the Risk Management Subcommittee, affiliate Risk Management Subcommittee, Root Cause Analysis Oversight Team, Patient Safety Committee and others as directed.
  • Assumes risk management on-call responsibility for the system as a part of the call rotation.
  • Receives incident reports and other information regarding untoward occurrences in the facility, and collates such information systematically to permit analysis pursuant to risk management policy and procedure. When risk management personnel are informed of an incident, the investigation should include getting the facts, determining the event's significance, reviewing the medical record, deciding who must know about the event, determining how to proceed with the patient, securing all evidence (e.g. documentation, equipment, etc.), interviewing appropriate people, and creating a comprehensive investigation file.
  • Plans, develops, and presents educational material to administration, the medical staff, nursing personnel, and other department personnel on topics related to risk management as they affect personnel.
  • Supports the patient safety initiatives through direct participation on committees/task forces.
  • Develops and implements educational programs designed to minimize the frequency and reduce the severity of actual and potential safety hazards throughout the facility.
  • Leads root cause analysis and makes recommendations for improvement.
  • Actively participates in patient safety goals by providing data to support priorities.
  • Has an active role in FMEA (Failure Mode and Effects Analysis).
  • Acts as resource, internal consultant, and educator for patient safety/risk management issues.
  • Responds to professional/liability and facility liability questions posed by physicians, nurses, and other personnel.
  • Complies with various codes, laws, rules and regulations concerning patient care, including those mandated by state and federal agencies and incident reporting. Also includes investigative activities with federal, state and local enforcement authorities.
  • Disseminates lessons learned from root cause analysis, system or process failures, and the results of proactive risk assessments to staff that provide services for the specific situations. Disseminates feedback to the appropriate providers and workforce.
  • Assists in communicating unanticipated outcomes and/or unusual events to patients and their families in a compassionate and honest manner and in compliance with policies and procedures.
  • Oversees investigation of incidents/accidents/events that could lead to financial loss, including professional liability, general liability, and workers' compensation.
  • Investigates risks involving actual or potential injury to patients, visitors, and employees; and, collects information necessary to prepare for the defense of claims.
  • Interacts with legal counsel and patients/families to effect timely settlement.
  • Provides direction and advice to medical staff, as necessary, in connection with malpractice litigation and medico legal matters.
  • Reports patient care-related incidents to the Department of Health, FDA, or other agencies if required by law; directs investigation and development of corrective plans; submits required reports to state and federal agencies.
  • Complies with required mandatory reporting of the Medicare, Medicaid, and SCHIP Extension Act of 2007.
  • Plans, develops and presents educational material to administration, medical staff, nursing personnel and other department personnel on current topics related to risk management.
  • Develops and implements educational programs to reduce or eliminate potential safety hazards throughout the facility.
  • Develops and presents educational material to new and current employees.
  • Provides on-going coordination of system policies on the Covenant Health Intranet.
  • Serves as a system policy resource for Covenant Health.
  • Performs other duties as assigned or requested.

Qualifications
Minimum Education:
None specified; however, must be sufficient to meet the standards for achievement of the below indicated license and/or certification as required by the issuing authority.
Minimum Experience:
An equivalent combination of education and experience as evidenced by the possession of a RN, Bachelor's degree in nursing, business administration, health administration, public health, education, or directly related field and four (4) years experience providing direct patient care in a clinical health care environment and two (2) years experience in management; risk management; or similarly responsible position may be accepted in lieu of the above indicated education and experience requirements.
Licensure Requirement:
Current Tennessee RN license

Apply