Senior Consultant, HITRUST Assessment

What You'll Do

• Leads audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews.
• Work collaboratively with a team of assessors as a HIPAA or HITRUST compliance specialist and assist with the planning of assessments to our clients.  
• Prepare, review and approve assessment reports.
• Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets.
• Ensures quality products and services are delivered on time.
• Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue
• Provide mentorship to team members in areas of audit, assessment, technical review and writing.
• Interfaces with clients through entire engagement, interacting will all levels of client organizations. Establish and maintain positive collaborative relationships with clients and stakeholders
• Continuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area.
• Collaborates with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.
• Establishes account relationships and identifies upsell and cross sell opportunities and escalates to sales
• Participation at conferences, blogs, white papers, speaking engagements, and other evangelical activities related to IT security
• Travel typically 15-20%
• Ability to be successful in a remote environment. 

What You'll Bring

• 5+ Years of IT security and compliance assessment experience
• Security Certifications such as CISSP, CISA, CISM, CCSFP, HCISPP, or CIPP
• Bachelor's degree (four-year college or university) or equivalent combination of education and work experience. Degree preferably in Information Systems or Business.
• Subject matter expertise in the healthcare industry, including proven experience working with the HITRUST Common Security Framework (CSF), as well as the HIPAA Security and Privacy Rules.
• Working knowledge of IT security frameworks and regulations such as NIST, ISO, CSF, HIPAA, HITECH, HITRUST and Security Breach Notification
• Solid understanding of IT Risk Assessment methodologies either quantitative or qualitative or both
• A solid understanding of IT security technologies including network and application security, firewalls, access management, and data protection
• Experience and knowledge of Healthcare operations, common applications and business processes
• Experience assessing IT security threats, vulnerabilities and IT Security audit procedures
• Experience and success in delivering client engagements on-time and within budget
• Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience
• Strong Consulting skills; ability to advise and challenge the status quo while building strong relationships
• Ability to build high-trust relationship and credibility quickly
• Ability to lead projects successfully and delegate up and across
• Strong attention to detail
• Strong problem solving, decision making, organizational and analytical skills
• Ability to prioritize and manage multiple initiatives/projects.
• Ability to be self-driven and have strong independent initiative.  
• Strong excel skills with ability to develop worksheets with complex formulas
• Ability to facilitate meetings to small or large groups
• Diplomatic and broad minded

Bonus Points

• Experience assessing security vulnerabilities using other frameworks such as PCI-DSS, FedRAMP, ISO, SOC, etc.