IT Compliance and Security Analyst at HealthSCOPE Benefits

Little Rock, AR 72205

About the Job

The role of the IT Compliance and Security Analyst at HealthSCOPE is responsible for implementing, managing and enforcing information security directives and compliance as mandated by HIPAA, HITECH Act, and other applicable laws and regulations.  This position will work within the Information Technology team to assist in the execution of the company's activities related to information security processes, technology management, and employee security awareness.
This person will be involved in implementing procedures and controls that are necessary to ensure and protect the safety and security of information systems assets, including prevention of intentional or inadvertent access, modification, disclosure, or destruction.  This position will ensure documentation related to Information Technology controls, processes and assessments needed is maintained to meet regulatory guidelines as well as company audits. This position is a critical component of IT control testing and execution to ensure that audit requirements are met.

Essential Responsibilities:
• Work with all members of the IT team to maintain and update all IT controls, standard procedures, policies and enforcement of processes to enable compliance with regulatory requirements
• Assist in periodic information risk assessments and audits to ensure that information systems are adequately protected to meet all appropriate requirements (HITECH, HIPAA, and associated IT controls)
• Analyze internal controls compliance program test results and work with IT Management to prepare management responses to all findings
• Periodically review all IT internal procedures to ensure compliance under HITECH and HIPAA policies (existing IT controls) and report findings to IT Management
• Support all audit efforts related to information security and or compliance through close collaboration with both internal stakeholders as well as external auditors
• Work with business unit owners and technology partners to ensure controls are in place and being executed
• Develop / Enhance / Support information risk and security programs related to system and data protection efforts across the company
• Participate in information security awareness and training initiatives
• Assist in tracking and maintenance of action plans for the resolution of issues identified during assessment and audits. Provide needed assistance with the execution of those remediation plans
• Ability to report to the office

• Bachelor’s degree in Information Systems, Management Information Systems, or Business Administration OR an additional 2 years of relevant experience. Significant and relevant technical experience meeting the job description may be substituted for degree requirements
• Effective organizational and prioritization skills
• Must possess excellent technical writing and communication skills in order to properly communicate procedures, policies, and compliance status
• Ability to work in a fast paced multi-tasking environment
• Advanced  knowledge of Microsoft Office software applications (Word, Excel, Outlook, Access)
• Ability to closely track progress against a plan and strict adherence to deadlines
• Embraces constructive feedback and continually seeks to improve performance
• Minimum of 2 years’ experience working in Information Technology disciplines 1 of which must be working with HIPAA related controls preferred
• A solid technical background working in a Windows-based environment (i.e., AD, LDAP, etc.) desired
• Exposure to rules and regulations pertaining to IT regulatory compliance requirements and standards such as HIPAA, HITECH and CoBIT considered a plus
• A basic understanding of IT technologies and processes, such as protocols, infrastructure, middleware, networking, software and hardware desired
Email this job
Email this job
Note: Email addresses will only be used for mail delivery of this job.