GRC/Hitrust consultant || Hartford, CT – 100% remote
Dev Chauhan
I have some urgent requirements with my client. Please send me your updated resume along with your hourly rate / yearly salary expectations, if interested. In case you are not interested, it will be nice to let your friends know of this position who may be a potential fit.
Job title: GRC/Hitrust consultant
Location: Hartford, CT – 100% remote
Healthcare domain
Key Skills: Information Security related policy, procedure, and control writing. HITRUST, HIPAA, NIST CSF, PCI, NIST 800-53, ISO-270001
"The requirements listed are representative of the knowledge, skill, and/or ability required.
• At least two years in Healthcare policy management and advisory services
• Excellent oral and written communication, analytical skills to successfully analyze, model, and communicate complex problem domains and solutions.
• Ability to work independently and effectively.
• Strong understanding of information technology and risk management concepts
• Possesses critical IT values (i.e., fact based, collaborative, credibility/trust and judgment).
Technical Skills
• Strong experience in Information Security related policy, procedure, and control writing.
• Strong understanding of information related frameworks and standards such as HITRUST, HIPAA, NIST CSF, PCI, NIST 800-53, ISO-270001 etc.
• Experience in technology risk management principles and practices
• Experience in working with regulatory frameworks and requirements relevant to the company.
Education and/or Experience:
• Bachelor’s degree - Computer Science, Management Information Systems, or related field or the equivalent combination of education and/or relevant experience.
• 3 or more years hands-on Information Security related work experience.
• Previous work in Compliance, Audit, Risk Management, or Project Management.
Roles and Responsibilities:
• Develop, maintain, and continually improve Customer Information Security policies, standards, procedures, and controls.
• Support Customer Policy management leadership on the ongoing HiTrust Compliance recertification effort.
• Manage Customer controls to ensure their compliance to regulatory requirements including (PCI, HiTrust, HIPAA, etc.)
• Assist in the management of activities related to the HiTrust lifecycle of remediation activities including, but not limited to:
o Delivery timeline tracking
o Management Reponses
o Development of appropriate controls corrective action plans
o Tracking remediation completion
• Ability to identify control gaps and work with control owners on possible remediation steps.
• Collaborate with various client Stakeholder on polices, standard and procedure integration.
• Updating IT controls in Archer and tracking any changes to control descriptions and their implementation.
• Ability to update client document in Archer without major oversight.
Thanks and Regards,
Dev Chauhan
Direct No. 609-551-3117