Security Specialist- Mid Level

Role: Security Specialist Mid Level

Location : 221 E Lane Street Raleigh NC 27601

Duration: 12 months contract

The Compliance Officer will be familiar with risk management comfortable leading internal risk assessments and possess knowledge of HIPAA and NIST privacy and security requirements for health information networks.

The candidate will be allowed to work remotely but will need to be onsite at short notice. There is a mandatory three week training onsite at the beginning of the engagement. Once all staff return to site the candidate will need to work onsite full time.

The NC HIEA Compliance Officer will ensure that operations follow all relevant state and federal requirements for securely transacting health information via the HIE Network NC HealthConnex. The Compliance Officer will be familiar with risk management comfortable leading internal risk assessments and possess knowledge of HIPAA and NIST privacy and security requirements for health information networks. This position will work closely with the NC HIEA leadership team DIT legal counsel and DIT Privacy Team and DIT Security and Risk Management Team to ensure continual improvement of the NC HIEAs security and risk profile.

Responsibilities:

Assist with the development and implementation of a compliance program for the NC HIEA that includes preparation for HITRUST certification

Create sound internal controls and monitor adherence to them

Draft and revise policies

Proactively audit processes practices and documents to identify weaknesses

Evaluate activities to assess compliance risk

Collaborate with external auditors and DIT Security Team when needed

Set plans to manage a crisis or compliance violation

Educate and train employees on regulations and industry practices

Address employee concerns or questions on compliance

Keep abreast of industry standards and business goals

Requirements

Proven experience as a Compliance Officer

Experience in risk management

Knowledge of HIPAA and NIST requirements

Familiarity with industry practices and professional standards

Excellent communication skills

Integrity And professional ethics

Attention To detail

Knowledge of privacy laws (state and federal such as HIPAA (preferred) PCI CJIS); proven risk management experience.

Required

3

Years

Experience in creation of risk management strategies and policy development to handle data breaches and other incidents.

Required

3

Years

Knowledge of NIST controls and experience with completing/conducting assessments; written and verbal communication.

Required

3

Years

Strong conflict management skills in order to work with senior management to ensure security and data protection rules and regulations are in place.

Required

3

Years

Knowledge of cybersecurity and privacy principles

Required

3

Years

Ability to determine whether a security incident violates a privacy principle or legal standard requiring specific legal action.

Required

3

Years

Ability to work across departments and business units to implement organizations privacy principles and programs.

Required

3

Years

Ability to develop update and/or maintain standard operating procedures (SOPs).

Required

3

Years

Ability to develop clear directions and instructional materials.

Thanks and Regards

Vinay Kumar

Technical Recruiter

1601 N Harrison Ave STE # 2B Pierre SD 57501

Certified Minority Business Enterprise (MBE)