Cyber Security Analyst -Mostly remote
Description:
Title: Cyber Security Analyst -Mostly remote
Location: Raleigh, NC, United States
Length: Long term
Restriction: W2 or C2C
Description:
Interview Type: Webcam Interview *** Very long term project initial PO for 1 year, expect to go for 4+ years *** *** Mostly Remote ***
*** Remote but will need to be onsite at short notice. There is a mandatory three week training onsite at the beginning of the engagement.
Short Description:
The Compliance Officer will be familiar with risk management, comfortable leading internal risk assessments, and possess knowledge of HIPAA and NIST privacy and security requirements for health information networks.
Job Description:
The NC HIEA Compliance Officer will ensure that operations follow all relevant state and federal requirements for securely transacting health information via the HIE Network, NC HealthConnex. The Compliance Officer will be familiar with risk management, comfortable leading internal risk assessments, and possess knowledge of HIPAA and NIST privacy and security requirements for health information networks. This position will work closely with the NC HIEA leadership team, DIT legal counsel, and DIT Privacy Team, and DIT Security and Risk Management Team to ensure continual improvement of the NC HIEAs security and risk profile.
Responsibilities:
Assist with the development and implementation of a compliance program for the NC HIEA that includes preparation for HITRUST certification
Create sound internal controls and monitor adherence to them
Draft and revise policies
Proactively audit processes, practices and documents to identify weaknesses
Evaluate activities to assess compliance risk
Collaborate with external auditors and DIT Security Team when needed
Set plans to manage a crisis or compliance violation
Educate and train employees on regulations and industry practices
Address employee concerns or questions on compliance
Keep abreast of industry standards and business goals
Requirements:
Proven experience as a Compliance Officer
Experience in risk management
Knowledge of HIPAA and NIST requirements
Familiarity with industry practices and professional standards
Excellent communication skills
Integrity And professional ethics
Attention To detail
Required Skills:
Knowledge of privacy laws (state and federal such as HIPAA (preferred), PCI, CJIS) proven risk management experience. 3 Years
Experience in creation of risk management strategies and policy development to handle data breaches and other incidents. 3 Years
Knowledge of NIST controls and experience with completing/conducting assessments written and verbal communication. 3 Years
Strong conflict management skills in order to work with senior management to ensure security and data protection rules and regulations are in place. 3 Years
Knowledge of cybersecurity and privacy principles 3 Years
Ability to determine whether a security incident violates a privacy principle or legal standard requiring specific legal action. 3 Years
Ability to work across departments and business units to implement organizations privacy principles and programs. 3 Years
Ability to develop, update, and/or maintain standard operating procedures (SOPs). 3 Years
Ability to develop clear directions and instructional materials. 3 Years