Job Description

Location: Steward Health Care
Posted Date: 5/12/2021
Reporting to the EIS Risk and Compliance Manager, the HITRUST Analyst will be responsible for assisting Steward Health Care Network (SCHN) becoming HITRUST certified. This project will involve reviewing HITRUST controls, governance policy and standards, security communications and other tasks as required for certification. Working closely with other Enterprise Information Security team members, the analyst will assist in protecting Steward Health Care’s assets.
KEY RESPONSIBILITIES

The EIS Risk and Compliance HITRUST Analyst will be responsible for supporting the HITRUST certification project efforts with:

  • Ensuring that the governance and compliance program elements meet the HITRUST certification compliance objectives and are designed, implemented and executed effectively, efficiently and economically.
  • Assist the Risk and Compliance team and the SME vendor in developing, maintaining, updating, and publishing all necessary information security program documentation, including but not limited to policies, procedures, standards, guidelines, education, etc.
  • Assist the team in scheduling meetings and with general project management
  • Reviewing and assessing the results of HITRUST compliance assessments and controls and processes and then recommending, documenting and monitoring the implementation of any prescribed corrective actions.
  • Assisting the team updating policies and standards related to the HITRUST initiative.
  • Recommending, documenting and monitoring the implementation of any prescribed corrective actions resulting from compliance assessments and projects.
  • Assuring that all necessary HITRUST compliance and governance documentation is maintained and updated.
  • Assist with presentations to management and enterprise committees.
  • Become the team HITRUST SME regarding new trends and additions to the HITRUST control set.

Qualifications (knowledge/skills/abilities/behaviors)

  • Behavioral Competencies:
    • Initiative
    • Organizational astuteness
    • High standards
    • Teamwork/collaboration
    • Responsiveness to customers
    • Analytical thinking
    • Confidence and high integrity
    • Process improvement
    • Understanding of information security and privacy concepts and practices (HITRUST, HIPAA, PCI, PII, NIST, ITIL etc.)
    • Ability to communicate effectively
    • Ability to think and plan creatively and effectively
    • Ability to understand and learn to assess business risk
    • Ability to relate with patients, hospital/practices and providers and understand their needs
    • Ability to maintain professional image and enthusiasm
    • Ability to operate with great latitude and resourcefulness multiple cross-functional teams

Education/Relevant Experience

  • Technical Skills
    • Understanding of information security and privacy concepts and practices (HITRUST, HIPAA, PCI, PII, NIST, ITIL etc.)
    • Understanding and ability to learn methods for incident identification/analysis, escalation procedures, and reduction of false positives.
    • Understanding and ability to learn the HITRUST controls that are applicable to the certification project,
  • Understanding network security as it relates to HITRUST certification.

‹‹‹‹‹‹‹

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online