Cedars-Sinai Security Compliance Specialist in Los Angeles, California
Security Compliance Specialist Requisition # E10075
Come join us and find out why Cedars-Sinai was ranked one of the top 100 best places to work in IT by Computerworld magazine in 2017.
Responsible for supporting the activities of the EIS information security team. Responsibilities include helping drive successful overall security compliance delivery. Tasks include performing special compliance projects and audits and contributing to process development. Assists with achievement of security reviews and tracking organizational compliance to regulatory standards and information security policy. Participates in security governance activities and tracks compliance and remediation activities of risk-based security assessments for technologies, systems, processes, and other components of the IT and business environments. Participates in the review and update of security policies, procedures, guidelines and standards. Participates in projects related to information security regulatory and policy compliance, and security training. Helps create an enterprise-wide culture of information security awareness. Collaborates with team members to achieve documentation workflows and requirements for HIPAA compliance, assisting with third-party Business Associate Agreements and external party risk assessments, security-related exceptions, and data gathering for various internal and external audits.
- Provides security compliance expertise for entire compliance and monitoring activities. This includes, but is not limited to, facilitating the following functions: HIPAA Security regulatory requirements understanding and interpretation, compliance monitoring, risk assessments, audit design and process workflows, remediation tracking, Request for Proposal development, vendor evaluation and selection, and contract negotiation and development. Ensures information security and regulatory compliance, risk analysis, audit and project tracking, and audit facilitation and management.
- Responsible for working with internal and external operational partners (e.g., E&Y) in developing and planning audit reviews and monitoring project timelines.
- Works with Senior Security Compliance Specialist to ensure compliance enforcement of EIS to defined EIS Security Standards and effect remediation efforts, and assist in balancing compliance efforts with given resources. Works to ensure appropriate assignment of compliance resources to each audit, and has overall responsibility for completion of the compliance monitoring activity and/or audit. Conducts and manages the audit within established time and budget parameters.
- Provides informative and timely status reports using department reporting procedures for both internal EIS and external operational customers.
- Keeps abreast of current trends and developments in the security compliance field through participation with vendor user groups, attending conferences, vendor demonstrations, and interacting with other vendor customers. Maintains a strong understanding of Federal, State, regulatory agency standards/guidelines as they relate to security (HIPAA, ISO17799/27002, JCAHO), providing policy guidance and assistance for the health system.
- Participates in and supports security training and awareness activities.
- Coordinates approvals and annual review of security exceptions, technical security review assignments, and review of Business Associate Agreements.
- Responds thoroughly and promptly to customer needs as defined in conjunction with customers. Assumes ownership of customer relationships and follows issues through to closure.
Education:
Bachelor’s Degree in related field preferred; and/or equivalent related work experience.
Typically requires 1-3 years of experience in managing security and/or compliance audits, preferably IT audits in a health care organization.
Requires audit or risk management experience, using best practices, such as NIST, ITIL, HIPAA, PCI-DSS, ISO 27000 series principles, or completion of HIPAA Security auditing courses within the first year of employment.
Demonstrated experience in security auditing or compliance project management, systems analysis, and vendor/customer interactions required.
Advanced knowledge of Microsoft Office applications, project development, and risk management software.
Well organized with demonstrated ability to prioritize workload, meet deadlines, and manage several audits and projects at one time.
Good verbal and written communication skills; and good analytical, problem-solving and decision-making skills.
Ability to manage difficult, sensitive, and confidential situations with integrity and professionalism.
Executes all job responsibilities and assignments promptly, reliably, honestly, and ethically.
Requires ability to work independently with minimal supervision and manage multiple priorities.
Good communication skills (verbal and written) and pragmatic consensus-building, conflict-prevention and resolution skill sets.
Good skills in pragmatic consensus-building, conflict-prevention, and resolution.
- Working Title: Security Compliance Specialist
- Business Entity: CSMC - Cedars-Sinai Medical Center
- Cost Center # - Cost Center Name: 0848072 - Information Security
- City: Los Angeles
- Job Category: Information Technology/Telecom
- Job Specialty: Infrastructure Technology
- Position Type: Regular-F/T
- Shift Length: 8hr
- Hours: 8am - 5pm
- Days: Monday - Friday
- Shift Type: Day
- Weekends: As Needed
Cedars-Sinai is an EEO employer. Cedars-Sinai does not unlawfully discriminate on the basis of race, religion, color, national origin, citizenship, ancestry, physical or mental disability, legally protected medical condition (cancer-related or genetic characteristics or any genetic information), marital status, sex, gender, sexual orientation, gender identity, gender expression, pregnancy, age (40 or older), military and/or veteran status or any other basis protected by federal or state law. If you need a reasonable accommodation for any part of the employment process, please contact us by email at Applicant_Accommodation@cshs.org and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address.
Cedars-Sinai will consider for employment qualified applicants with criminal histories, in accordance with the Los Angeles Fair Chance Initiative for Hiring.
At Cedars-Sinai, we are dedicated to the safety, health and wellbeing of our patients and employees. This includes protecting our patients from communicable diseases, such as influenza (flu). For this reason, we require that all new employees receive a flu vaccine based on the seasonal availability of flu vaccine (typically during September through March each year) as a condition of employment, and annually thereafter as a condition of continued employment.