Ensure security vulnerability and risk assessments are conducted as appropriate on any system upgrades, software/hardware changes, etc. Provide oversight and communication as necessary.
Provide third-party oversight, including review of contracts, Business Associate Agreements, Information Security Questionnaires and other artifacts such as SOC2 and HITRUST reports.
Develop, implement, and communicate IT and Corporate security policy, standards, best practices, guidance and procedures.
Work with Business on the creation of Process and Procedure documentation. Provide compliance oversight through regular audits of business units.
Provide expert advice on addressing IT information security issues.
Assist with the development of policy awareness efforts and materials for distribution to the user community.
3 years of relevant experience in functional responsibility.
Bachelor’s Degree, or an equivalent combination of formal education and experience (eight years of experience in the Functional Responsibility area may be substituted for a Bachelor’s Degree). A Master’s Degree may be substituted for 3 years of general work experience.
Candidates should be well-versed in risk management and must have experience working with the SDLC and performing security tasks throughout it.
Candidate should have strong analytical and organizational skills.
Candidate should have concise writing skills and excellent skills in MS Word as well as other MS Office applications.
Personnel shall be well versed in NIST publications and other health-related publications, and in their requirements and impact on system security.