JOB TITLE: IT Security Specialist
JOB TYPE: W2 Contract – Ongoing
LOCATION: Detroit MI (hybrid)
INDUSTRY: Healthcare and Insurance sector
JOB SUMMARY FOR INFORMATION TECHNOLOGY SECURITY SPECIALIST:
The EIS Compliance/Governance Analyst will be responsible for assisting in the responsibilities of executing the security framework compliance/governance activities and requirements for the client. Day-to-day responsibilities will also include documenting adherence to governance requirements across policies/standards, procedures, controls, compliance, training and awareness, and preparing metrics/KPIs and reporting materials. This role will report to the EIS ESF Manager.
- Evaluate the design and operation effectiveness of Business/IT operations against the HITRUST CSF and identify areas of improvement
- Interview SMEs, examine evidence documentation, analyze and perform testing
- Learn the company functions/processes by conducting process walk throughs
- Analyze root cause of issues, provide recommendations for process improvements and risk mitigation based on assessment findings
- Deliver effective and concise documentation that meets HITRUST quality standards
- Utilize GRC tools to effectively manage assessment remediation plans and documentation
- Serve as a HITRUST subject matter expert
SKILLS/ EXPEREINCE REQUIRED FOR INFORMATION TECHNOLOGY SECURITY SPECIALIST:
- At least 3-5 years of work experience in IT compliance, IT Assessments and/or IT audit experience as well as knowledge and understanding of governance, risk, compliance
- Knowledge of security and risk frameworks, standards, best practices (e.g., HITRUST CSF, NIST CSF, ISO/IEC 27001, COBIT)
- Self-starter with effective written and verbal communication skills along with strong critical thinking skill
- Experience in coordination and execution of the audit lifecycle, including evidence collection, review, observation tracking, management response collection and auditor relations and communication.