Job Details

Experienced Cyber Security - NIST

Montgomery, Alabama, United States
Job Description:


General oversight of privacy and security related to HIPAA Privacy and Security rules and State privacy laws. Act as the global single customer point of contact for security for large HealthCare customer accounts. This position will have responsibility for the information technology security services and security escalations for the assigned account. It also provides leadership and governance for audit and compliance activities. Responsibilities will include attending meetings with all levels of customer management, recommending and influencing customer direction, reporting status of security, leading global security projects and programs, generating change orders, handling security escalations, facilitating audits and compliance reviews and overseeing all required regulatory and audit remediation activities.

The clients that will be supported by this position are highly regulated with comprehensive security needs. The security requirements are important in order to provide recognized and respected security expertise to implement the security solution and manage any potential future security requirement amendments. The audit management requirement supports the numerous audits related to the client's internal audit, external audit, governmental regulators and industry regulatory auditors.

This position can also be required to act as a trusted advisor to the Gainwell Technologies client and our client team in the area of Information Security and Audit Compliance. This position is required to provide an essential single point of contact and program management for client audit management, controlled self-assessment and to provide security, audit and regulatory-related subject matter expertise.

Responsibilities include:

· Understanding of HIPAA Privacy and Security regulations and state/local privacy laws. Understanding of NIST 800-53 security controls.

· Evaluate the day-to-day work conducted on the Client account and conduct risk assessments to determine impact.

· Review Policy Compliance Management and vulnerability reports.

· Conduct annual user access reviews with account business unit managers. Conduct monthly reviews of privileged.

· Coordinate full risk assessment every three years. Working knowledge of NIST SP 800-53 is a must.

· Coordinate annual SSAE18 audit with various Client resources and third-party auditors.

· Work with the onsite trainer to conduct HIPAA training for new hires.

· Maintain all documentation supporting HIPAA compliance, including Privacy and Security Manual, Risk Management Plan, Incident Response Plan, System Security Plan.

· Work with the client during the annual disaster and recovery drill.

· 24/7 availability for any emergencies, including any privacy and security events reported by the SIEM SOC, and 24/7 availability to address privacy and security incidents in general.

This is the list of core responsibilities for the Account Security Officer and is not all-inclusive. The Account Security Officer may perform additional duties as needed to support the HCI organization or the client account needs.
