Catholic Health Initiatives IT Security Compliance Analyst II in ENGLEWOOD, Colorado

IT Security Compliance Analyst II

Description

Key Functions

  • Support the effort to centrally manage all ITS audits and assessments to ensure that issues are addressed in a timely and appropriate manner.

  • Support the implementation and integration of the Security Control Framework to assess, measure, and report on compliance with Security regulatory requirements.

  • Perform Security Control Assessments based on the Security Control Framework to identify gaps, and work with process owners to build corrective action plans.

  • Participate in the implementation of the Security Awareness Program.

Responsibilities

  • Provide ongoing support for all ITS CHAN audits and external audits to ensure audit requests and audit issues are addressed in a timely and appropriate manner.

  • Support the maintenance and integration of the Security Control Framework in support of the Security Compliance Program.

  • Conduct annual Security Control assessments to identify compliance control gaps, work with process owners to determine corrective action plans, and support the integration of the Security Control Framework.

  • Participate in the effort to address identified IT risks with corrective action plans to ensure compliance with HIPAA, Federal and State Information Protection and Privacy regulations, CHI Information Security Policies, and other relevant regulations pertaining to the protection of Enterprise information assets with respect to information security.

  • Assist in the assessment and review of new and existing technology infrastructure to ensure adequate levels of control are in place to ensure compliance with Security Requirements and ensure that all reviews are actionable by system managers and the operations staff.

  • Proactively identify security awareness training topics to ensure that CHI employees are aware and educated on security compliance requirements.

  • Support the consultative process and advise personnel in IT departments to coordinate Information Security activities.

  • Support Regional Information Security Officers in Information Security activities as needed.

  • Support the Security Compliance communication process to centralize and standardize the voice of Security.

  • Support the Collaborative programs with personnel in ITS and all business units to ensure that electronic data security is consistently implemented throughout the enterprise.

  • Update skills as necessary to support CHI Information Security and remain knowledgeable of industry standards and advancements.

Qualifications

Skills, Requirements, and Certifications

  • Bachelor of Science degree in business, computer science, or accounting required.

  • Minimum of 5 years of progressive experience in audit and compliance including 3 years in information technology shared services, including maintenance and use of security products in a distributed enterprise environment, and experience in compliance with federal security regulations.

  • Minimum of 2 years’ experience in healthcare or compliance consulting.

  • Certified Information Systems Auditor (CISA) preferred.

  • Requires in-depth understanding of Information Security practices for the network, servers, databases, applications, and advanced use of Information Security assessment techniques.

  • May substitute an equivalent combination of education and experience.

Interactions, hand-offs

  • Collaborate with all Information Security and Privacy Leaders in implementing consistent security safeguards and controls throughout the organization.

  • Facilitate and review control and compliance initiatives, such as self-assessments, third-party reviews and due diligence initiatives.

  • Build relationships with corporate-wide process improvement experts to leverage use of the technology organization-wide capabilities.

  • Work with ITS Leadership to establish and document standard security policies and procedures.

Additional Responsibilities:

  • Demonstrates a commitment to service, organization values and professionalism through appropriate conduct and demeanor at all times.

  • Adheres to and exhibits our core values:

  • Reverence: Having a profound spirit of awe and respect for all creation, shaping relationships to self, to one another and to God and acknowledging that we hold in trust all that has been given to us.

  • Integrity: Moral wholeness, soundness, uprightness, honesty and sincerity as a basis of trustworthiness.

  • Compassion: Feeling with others, being one with others in their sorrows and joys, rooted in the sense of solidarity as members of the human community.

  • Excellence: Outstanding achievement, merit, virtue; continually surpassing standards to achieve/maintain quality.

  • Maintains confidentiality and protects sensitive data at all times.

  • Adheres to organizational and department specific safety standards and guidelines.

  • Works collaboratively and supports efforts of team members.

  • Demonstrates exceptional customer service and interacts effectively with physicians, patients, residents, visitors, staff and the broader health care community.

Job: Information Technology

Primary Location: COLORADO-ENGLEWOOD-DENVER MERIDIAN NORTH

Daily Schedule: Days

Scheduled Hours per 2-week Pay Period: 80

Weekends Required: Occasional

Req ID: 2017-R0120402