Business Title Security and IT Controls Auditor - HIPAA
Position Title IT Quality Specialist
Region/ Function Information Technology
Role Overview:
The consultant will be required to perform HIPAA Security Rule assessments of a variety of Hosted Digital Medical Device Products (effectively Microsoft based cloud hosted systems), Enterprise Solutions and Data Repositories.
A number of prioritized assessment targets will be determined by the program team, comprising leaders from Information Security, Privacy, Compliance, Legal and a dedicated Program Manager.
Depending on how quickly this position can be filled, an assessment methodology will be devised and templates generated for performing and recording assessment outcomes.
Some input on remedial actions for any gaps identified, may also be required.
Responsibilities:
5% Input into program planning
5% Creation of assessment methodology and templates (potentially)
60% Execution of HIPAA Security Rule Assessments
20% Documentation of results
10% Consultation on any remedial actions
Requirements:
Licenses/Certifications:
Qualifications for Information Security Audit would be beneficial e.g. Certified Information Systems Auditor (CISA).
Experience & Education:
Minimum five years performing Information Security Audits on IT systems or Digital Medical Devices
Any prior experience performing HIPAA Security Rule audits would be beneficial
Educated to degree standard preferred
Physical Demands:
The position requires the ability to:
- Work in an office or from home (as required) with a high degree of PC work and meeting attendance.
Travel as described below.
Travel Requirements: 10 to 20%
Nesco Resource provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.