Job summary:


Title:
Information Security Manager

Location:
Washington, DC, United States

Length and terms:
Long term - W2 or 1099 Only


Position created on 08/02/2021 08:23 pm

Job description:


W2 or 1099 only; no C2C. Webcam interview. Long-term project; usually the project goes for multiple years with this customer.

  • Initiates, facilitates, and promotes activities to foster information security awareness within the organization.
  • Creates a culture of cyber security both with the IT organization and driving behavioral changes for the business.
  • Evaluates security trends, evolving threats, risks and vulnerabilities and applies tools to mitigate risk as necessary.
  • Manages security incidents and events involving electronic protected health information (ePHI)
  • Ensure that the disaster recovery, business continuity, risk management and access controls needs of the facility are addressed.
  • Ensures the institution/organization complies with the administrative, technical and physical safeguards.
  • Collaborates with organization senior management, Privacy Officer, and Corporate Compliance officer to establish governance for the security program.
  • Serves in a leadership role for security compliance.
  • Works closely with the Privacy Officer to ensure alignment between security and privacy compliance programs including policies, practices and investigations, and acts as a liaison to the information systems and compliance departments.
  • Is responsible for initial and periodic information security risk assessment/analysis, mitigation and remediation. Responsible for development and implementation of security risk management plan.
  • Ensure organization has audit controls to monitor activity on electronic systems that contain or use electronic protected health information.
  • Oversee periodic monitoring and reviewing of audit records to ensure that activity is appropriate. Such activity would include, but is not limited to, logons and logoffs, file accesses, updates, edits and printing.
  • Ensure the organization has and maintains appropriate system use and disclosure / confidentiality statement.
  • Oversees, develops and/or delivers initial and ongoing security training to the workforce. Initiates, facilitates and promotes activities to foster information security awareness within the organization and related entities.
  • Participates in the development, implementation, and ongoing compliance monitoring of all BAs and business associate agreements, to ensure security concerns, requirements, and responsibilities are addressed.
  • Assists Privacy Officer as needed with breach determination and notification processes under HIPAA and applicable State breach rules and requirements.
  • Establishes and administers a process for investigating and acting on security incidents which may result in a privacy breach.
  • Partners with Human Resources and Privacy Officer to ensure consistent sanctions for security violations
  • Maintains current knowledge of applicable federal and state security laws, licensing and certification requirements and accreditation standards.
  • Cooperates with the U.S. Department of Health and Human Services' Office for Civil Rights, State regulators and/or other legal entities, and organization officers in any compliance reviews or investigations.
  • Serves as information security consultant to all departments for all data security related issues.

 

Required skills:

 

  • 16+ yrs. MS Office/PowerPoint experience
  • Bachelor’s degree in IT or related field or equivalent experience
  • 8 years of knowledge and experience in state and federal information security laws, including but not limited to HIPAA, NIST, PCI and all other regulations
  • 8 years of Proven expertise in presenting executive level reports on project security and compliance
  • 10 years of Proven track record in the successful completion of an SDLC from a security workstream standpoint
  • 8 years of Expertise translating security protocols and requirements to stakeholders and/or technical project managers
  • 8 years of Knowledge of project management tools - JIRA, SharePoint, Sciforma, Salesforce, MS Project (preferably)
  • 8 years of Proven documentation expertise for the purpose of security policy development, audit finding responses, security risks/gap analysis reports etc.
  • 8 years of proven experience functioning as the primary POC for IT security audits
  • 8 years of Knowledge of HIPAA, state and federal guidelines on security, transactions and security
  • 10 years of Experience working in IT Security for the Health and Human Services sector
  • 10 years of experience managing a team of IT professionals specializing in IT Security
  • 10 years of Excellent communication and leadership skills
  • 10 years of Expert knowledge of the MS Office Suite
  • 7 years of Proven knowledge and expertise with health care relevant legislation and standards for the protection of health information and patient security

 

Highly desired skills:

 

 

  • Healthcare Privacy and Security (CHPS) certification and/or other healthcare industry related security credentials
  • CISSP Certification (preferred)
  • Knowledge and/or understanding of Curam - V6 or higher (desired)
  • ITIL Certification (desired)

Contact the recruiter working on this position:



The recruiter working on this position is Rajendra Reddy
His/her contact number is +(1) (202) 4706751
His/her contact email is rajr@msysinc.com

Our recruiters will be more than happy to help you to get this contract.