Job Type: Full Time
As an Information Security Consultant, you will deliver risk and compliance services and assessments to healthcare clients to help them mitigate existing and future security risks. As a subject matter expert, you will have the opportunity to participate in a wide variety of client initiatives that span a broad range of services. Where applicable, you will work closely with clients in various healthcare environments to propose security controls as part of a partnership to help reduce risks levels and improve security posture(s).
This position affords the qualified candidate the opportunity to be exposed to, and become proficient with, a wide range of security frameworks, technologies, and disciplines.
The primary responsibilities for this position will include applying your knowledge of various regulations and frameworks to complete risk assessments and where required, develop policy, procedures, and process documentation following industry regulations and standards. These activities will include one or more of the following:
- Conduct NIST CSF security risk assessments for healthcare client organizations using the IH HIPAA One Platform outlining security risks for the given organization while establishing current security tiering and maturity levels.
- Conduct HIPAA Security Risk Analysis for client organizations physical, administrative, and technical safeguards per the HIPAA Security Rule and relevant security framework(s) using the IH HIPAA One solutions platform.
- Conduct HIPAA Privacy and Breach Risk Analysis for client organizations per the HIPAA Privacy and Breach Notification Rules and relevant privacy framework(s) using the IH HIPAA One solutions platform.
- Conduct third-party risk assessments for clients utilizing the IH BluePrint Protect TPRM tool, based upon required needs in accordance with applicable security framework directives and regulatory requirements.
- Opportunity to host webinars and author relevant blogs, articles, whitepapers, etc.
- Lead working sessions and interviews with clients to capture existing process details and relevant policies and procedures.
- Participate in regulatory and framework assessments by working closely with other team members to guide clients through their journey of compliance and framework adoption.
Key Skills Required:
- Bachelor’s Degree in Business, Management of Information Systems, or equivalent experience
- Additionally, one or more certification in information security domain is preferred.