Job ID: NC-747232 (910190930)
Hybrid/Local Security/Compliance Officer with privacy laws/HIPAA/PCI/CJIS, cybersecurity, SOPs, HIE, NIST, HIEA/HITRUST certification experience
Location: Raleigh NC(NCDIT)
Duration: 12 Months
Position: 2(2)
Skills:
Knowledge of privacy laws (state and federal such as HIPAA (preferred), PCI, CJIS); proven risk management experience. Required 3 Years
Experience in creation of risk management strategies and policy development to handle data breaches and other incidents. Required 3 Years
Knowledge of NIST controls and experience with completing/conducting assessments; written and verbal communication. Required 3 Years
Strong conflict management skills in order to work with senior management to ensure security and data protection rules and regulations are in place. Required 3 Years
Knowledge of cybersecurity and privacy principles Required 3 Years
Ability to determine whether a security incident violates a privacy principle or legal standard requiring specific legal action. Required 3 Years
Ability to work across departments and business units to implement organization’s privacy principles and programs. Required 3 Years
Ability to develop, update, and/or maintain standard operating procedures (SOPs). Required 3 Years
Ability to develop clear directions and instructional materials. Required 3 Years
Job Description:
The candidate will be allowed to work remotely but will need to be onsite at short notice. There is a mandatory three week training onsite at the beginning of the engagement. Once all staff return to site the candidate will need to work onsite full time.
Responsibilities:
Assist with the development and implementation of a compliance program for the NC HIEA that includes preparation for HITRUST certification
Create sound internal controls and monitor adherence to them
Draft and revise policies
Proactively audit processes, practices and documents to identify weaknesses
Evaluate activities to assess compliance risk
Collaborate with external auditors and DIT Security Team when needed
Set plans to manage a crisis or compliance violation
Educate and train employees on regulations and industry practices
Address employee concerns or questions on compliance
Keep abreast of industry standards and business goals
Requirements
·Proven experience as a Compliance Officer
·Experience in risk management
·Knowledge of HIPAA and NIST requirements
·Familiarity with industry practices and professional standards
·Excellent communication skills
·Integrity And professional ethics
·Attention To detail