Hitrust Security Specialist

Title: Hitrust Security Specialist

Duraiton : 6 months

Location: Detroit, MI - ( 1 day onsite, 4 days remote)

MUST HAVES:

JOB DESCRIPTION

Engagement Description –

The EIS Compliance/Governance Analyst will be responsible for assisting in the responsibilities of executing the security framework compliance/governance activities and requirements for client. Day-to-day responsibilities will also include documenting adherence to governance requirements across policies/standards, procedures, controls, compliance, training and awareness, and preparing metrics/KPIs and reporting materials. This role will report to the EIS ESF Manager.

• Evaluate the design and operation effectiveness of Business/IT operations against the HITRUST CSF and identify areas of improvement
• Interview SMEs, examine evidence documentation, analyze and perform testing
• Learn the company functions/processes by conducting process walk throughs
• Analyze root cause of issues, provide recommendations for process improvements and risk mitigation based on assessment findings
• Collaborate with cross-functional teams to mitigate risks and ensure compliance with HITRUST CSF
• Deliver effective and concise documentation that meets HITRUST quality standards
• Prepare and provide reporting such as dashboards and metrics, on various areas of performance, issue analysis and assessment statuses
• Utilize GRC tools to effectively manage assessment remediation plans and documentation
• Serve as a HITRUST subject matter expert
• Participate and provide support during audits, assessments, or other required third-party reviews.
• Support initiatives/projects
• Build relationships internally to foster a culture of teamwork and collaboration

Top 3 Required Skills/Experience –

• At least 3-5 years of work experience in IT compliance, IT Assessments and/or IT audit experience as well as knowledge and understanding of governance, risk, compliance
• Knowledge of security and risk frameworks, standards, best practices (e.g., HITRUST CSF, NIST CSF, ISO/IEC 27001, COBIT)
• Self-starter with effective written and verbal communication skills along with strong critical thinking skill