Byram Healthcare IT Security & Compliance Manager in White Plains, NY at Byram Healthcare

Date Posted: 5/15/2018

Job Description

POSITION SUMMARY

 

Ensures the business units' Information Technology's compliance with the various regulations including the Health Insurance Portability and Accountability Act (HIPAA), Personally Identifiable Information (PII), Protected Health Information (PHI), Payment Card Industry (PCI), General Data Protection Regulation (GDPR), and the Federal Information Security Management Act (FISMA). Develops, tests, documents, evaluates, tracks, and improves Information Technology (IT) compliance controls for all Information Technology resources within the business unit. Collaborates with internal and external audit teams, Information Technology Services (ITS) management, Corporate IT & Compliance resources, group Compliance, Audit, General Counsel and Risk Management, ITS Security Services and other stakeholders to ensure compliance programs and IT Security Policy deliverables are met.



ESSENTIAL JOB FUNCTIONS: 

1.       In conjunction with Corporate IT Security, develops, implements, and maintains IT Compliance controls; develops and reviews existing IT compliance business unit controls for regulatory updates and performs the necessary gap analysis; creates and maintains various internal and external audit and compliance schedules for Information Technology Services (ITS).

2.       Develops, reviews, documents, evaluates, and tests manual and automated computer controls throughout the business unit IT environment; develops and implements testing methodologies for application development, IT infrastructure, security, and availability; designs and executes compliance tests for IT systems and coordinates required remediation.

3.       Conducts risk assessments on business and operational processes, procedures, and policies within the business unit; interprets audit results and makes conclusions on the adequacy and reliability of IT controls; prepares and presents reports on improvements to systems as necessary.

4.       Prioritizes and controls projects based on severity of risk and non-compliance; communicates control strengths and weaknesses to internal audit and compliance and collaborates with internal audit to develop migration plans.

5.       Applies ISO 27000, COBIT5, COSO, ITILv3, or NIST frameworks to all documentation and remediation efforts; provides guidance to ITS in reengineering of processes and procedures in need of remediation; conducts gap analysis via testing and recommends specific actions to fix gaps.

6.       Designs and enhances internal controls such as segregation of duties, production change management, software management, security, incident handling, and transmission integrity; assists internal audit team and serves as a liaison with external auditors to facilitate auditing process.

7.       Designs audit/compliance programs to ensure ongoing evaluation and validation of ITS control effectiveness; performs other duties as assigned.

SUPPLEMENTAL JOB FUNCTIONS:  

1.      Performs additional duties as directed. 



Qualifications

EDUCATION & EXPERIENCE REQUIRED:  

  • Four-year university degree required; Master's Degree preferred
  • Eight or more years of experience in an Information Technology position required
  • Three or more years of supervisory experience required
  • Certified Information Systems Security Professional (CISSP) preferred
  • Or any combination of education and experience to fulfill the above requirements

KNOWLEDGE SKILLS & ABILITIES:

  • Knowledge of process improvement and project management methodologies
  • Knowledge of various applications and uses of health information technology
  • Strong analytical and decision-making skills
  • Excellent verbal, written, and diplomacy skills
  • Effectively influences and guides others across various organizational structures using strong interpersonal skills
  • Ability to manage and collaborate with multidisciplinary teams
  • Ability to effectively prioritize and execute tasks in a high-pressure environment is crucial
  • Ability to decipher and apply knowledge of regulatory/accreditation requirements
  • Ability to prioritize and work on multiple projects under time constraints
  • Ability to adapt to shifting priorities, demands, and timelines through analytical and problem-solving capabilities
  • Ability to work independently as well as in a team environment including multi-level staff and external partners
  • Strong orientation toward high standards for customer service


ADDITIONAL REQUIREMENTS:

  • Ability to travel up to 40%
  • Ability to work various shifts
