Security Consultant (HiTrust)

Security Engineer helps to advise, deliver and support applications for Carepool. We received our SOC Type I with procedures in place and now working to HiTrust certification.

In tandem with technical leadership, this role consistently assesses the threat landscape and adapts quickly to protect the business from risk. They must be highly technical and possess at least 3-5+ years' experience in security across a wide variety of security domains including governance and compliance, cloud security architecture, with knowledge of software as a service (SaaS), infrastructure as a service (IaaS) and platform as a service (PaaS).

What You'll Do:

1. Assist us in taking our security policies to the next level in preparation for HiTrust certification.
2. Hi-Trust Assessment: Conduct comprehensive Hi-Trust security assessments of client systems and environments to identify vulnerabilities, risks, and compliance gaps.
3. Security Controls Implementation: Design, implement, and monitor security controls, policies, and procedures aligned with Hi-Trust framework requirements.
4. Compliance Management: Assist clients in achieving and maintaining Hi-Trust certification by ensuring compliance with applicable regulations, standards, and best practices.
5. Attend regular technical project and implementation meetings and serve as the security consultant to help guide us through the HiTrust process.
6. Manage remediation efforts after security assessment findings outline weaknesses requiring attention.
7. Stay apprised of current and proposed security changes impacting regulatory, privacy and security industry best practice guidance. Apply learned knowledge across key lines of business, including products, practices, and procedures.

Experience:

• Cybersecurity: 1 year (Required)
• HITRUST: 3 years (Required)