IT Security & Compliance, HITRUST Consultant
As the IT Security & Compliance, HITRUST Consultant, you will be part of the IT Security HITRUST compliance team providing solutions and performing HITRUST certification activities. You will manage all aspects of HITRUST Readiness Assessments including collaborating cross functionally to help team members understand HITRUST Controls, document tracking and collections, reviewing the documents and artifacts to ensure compliance with controls, use portal to upload collected documents and artifacts. You will also transfers all policy requirements to Assessors Portal for review. You will be part of a fast-paced team and make a positive impact within the HITRUST team for Certification processes and security compliance.
Responsibilities & Skills
- Proficient understanding of the HITRUST CSF, involving practical experience in guiding and evaluating readiness for HITRUST through all CSF domains, leading and validating assessments.
- Expertise and familiarity with healthcare operations and business workflows.
- Extensive involvement in the healthcare sector, including active engagement with the HIPAA Security and Privacy Rules and the HITRUST Common Security Framework (CSF).
- Established track record of effectively overseeing and successfully completing the HITRUST Certification process.
- Demonstrated capability in orchestrating security project management and team coordination.
- Proven skillset in executing compliance assessments and deploying regulatory mandates (HIPAA, HITECH, HITRUST).
- Sound comprehension of IT security technologies, encompassing network and application security, firewalls, access management, and data safeguarding.
- Aptitude to decipher processes and controls, identify vulnerabilities and deficiencies necessitating corrective actions, formulate mitigation plans, and validate the implementation of remedies.
- Outstanding interpersonal and communication proficiencies for productive collaboration with internal and external stakeholders, fostering a cooperative work milieu.
- Effective communication prowess (both oral and written), adept at simplifying technical concepts for non-technical counterparts, at ease with delivering presentations, and proficient in delivering recommendations to management and staff.
- Embodies a positive demeanor and robust work ethic, dedicated to teamwork and professionalism.
- Over 4 years’ experience in Information Security and HITRUST required
- Working experience in the healthcare industry, including working with the HIPAA Security and Privacy Rules and HITRUST Common Security Framework (CSF) required
- Experience working with IT security frameworks and regulations such as SOC required
- Strong knowledge and understanding of IT security technologies, architecture, and related security solutions.
- Excellent interpersonal and communication skills to effectively collaborate with internal and external stakeholders.
- Exemplifies a positive attitude and strong work ethic with a commitment to teamwork and professionalism.
Desired / Preferred Qualifications
- Bachelor’s degree in Information Technology, Information Security or a related field preferred
- Certifications: CISA, CISSP, or CCSK preferred
Page | 1