HIPPA Compliance Analyst Consultant - TechWish
MN 55455-0213
About the Job
Experience
Requirements
Experience with regulated HIPAA environments
Experience with audit or risk management oversight activities
Experience with developing and implementing holistic solutions within a primarily Linux
Operating System (OS) environment
Experience advising on risk-based prioritization and remediation strategies
Experience collaborating with other security operations and system administrator
professionals to determine adequate mitigations
Ability to approach compliance both strategically and tactically
Current technical knowledge and understanding of threats, emerging threats, and
vulnerabilities
Preferred
Experience with high-performance computing environments
Experience with academic medicine, academic research, or other similar environments
Experience with other regulated environments such as NIST 800-171, CMMC
Experience with governance structures in a large/decentralized organization
Experience balancing operational and collaborative needs with data security and privacy
requirements
One or more certifications from the list provided below
System administration experience
Coding/scripting experience (e.g. python, powershell, etc.)
Deliverables
Consult with MSI staff to complete a Gap Analysis to University Information Security
Policy and HIPAA Controls using the existing University processes
Add specific details and supporting documentation as relevant.
Consult with MSI staff to Utilize Gap Analysis to University Information Security Policy
and HIPAA Controls to:
Define requirements for HIPAA Compliance program within MSI
Document a six-month project plan for initial design and implementation
Document tracked progress against deadlines
Consult with MSI staff to develop and document processes and procedures that meet
University Information Security Policy and HIPAA requirements
Include RACI/RASCI where needed
Document additional analysis of HIPAA Compliance needs as necessary
Job Duties
Propose mitigation plans and strategies for identified compliance gaps
Maintain alignment with the University's overall HIPAA Compliance program and
strategy
Define and monitor the execution of activities to mitigate the gaps identified in the gap
analysis MSI has completed
Provide HIPAA Expertise to the project team by reviewing implemented architecture,
controls, procedural evidence, and documentation with a compliance and audit lens
Lead a cross-functional team to collaborate and execute the project plan
Consult with MSI on building sufficient documentation of procedures and evidence of
executed processes to meet compliance requirements and prepare for future
investigations, audits or assessments
Provide weekly status reports to UIS Manager and Leadership
Provide guidance to comply with University Policy and other relevant frameworks
Prioritize and oversee remediation activities ensuring appropriate, timely and complete
resolution based on risk
Potential Certs
HCISSP
CISSP
CISSP-ISSMP
CRISC
CISA
CISM
GPEN
GCWN
GWAPT
GXPN
GDAT
Requirements
Experience with regulated HIPAA environments
Experience with audit or risk management oversight activities
Experience with developing and implementing holistic solutions within a primarily Linux
Operating System (OS) environment
Experience advising on risk-based prioritization and remediation strategies
Experience collaborating with other security operations and system administrator
professionals to determine adequate mitigations
Ability to approach compliance both strategically and tactically
Current technical knowledge and understanding of threats, emerging threats, and
vulnerabilities
Preferred
Experience with high-performance computing environments
Experience with academic medicine, academic research, or other similar environments
Experience with other regulated environments such as NIST 800-171, CMMC
Experience with governance structures in a large/decentralized organization
Experience balancing operational and collaborative needs with data security and privacy
requirements
One or more certifications from the list provided below
System administration experience
Coding/scripting experience (e.g. python, powershell, etc.)
Deliverables
Consult with MSI staff to complete a Gap Analysis to University Information Security
Policy and HIPAA Controls using the existing University processes
Add specific details and supporting documentation as relevant.
Consult with MSI staff to Utilize Gap Analysis to University Information Security Policy
and HIPAA Controls to:
Define requirements for HIPAA Compliance program within MSI
Document a six-month project plan for initial design and implementation
Document tracked progress against deadlines
Consult with MSI staff to develop and document processes and procedures that meet
University Information Security Policy and HIPAA requirements
Include RACI/RASCI where needed
Document additional analysis of HIPAA Compliance needs as necessary
Job Duties
Propose mitigation plans and strategies for identified compliance gaps
Maintain alignment with the University's overall HIPAA Compliance program and
strategy
Define and monitor the execution of activities to mitigate the gaps identified in the gap
analysis MSI has completed
Provide HIPAA Expertise to the project team by reviewing implemented architecture,
controls, procedural evidence, and documentation with a compliance and audit lens
Lead a cross-functional team to collaborate and execute the project plan
Consult with MSI on building sufficient documentation of procedures and evidence of
executed processes to meet compliance requirements and prepare for future
investigations, audits or assessments
Provide weekly status reports to UIS Manager and Leadership
Provide guidance to comply with University Policy and other relevant frameworks
Prioritize and oversee remediation activities ensuring appropriate, timely and complete
resolution based on risk
Potential Certs
HCISSP
CISSP
CISSP-ISSMP
CRISC
CISA
CISM
GPEN
GCWN
GWAPT
GXPN
GDAT
Source : TechWish