
Hitrust Contract Jobs in Indiana (NOW HIRING)

Hitrust Contract information

What are the key skills and qualifications needed to thrive as a HITRUST Compliance Manager, and why are they important?

To thrive as a HITRUST Compliance Manager, you need in-depth knowledge of information security, risk management, and regulatory frameworks, typically backed by a degree in IT or cybersecurity and experience with HITRUST CSF. Familiarity with compliance management tools, GRC systems, and HITRUST certification processes is crucial. Outstanding attention to detail, problem-solving skills, and strong communication abilities help you interpret standards and guide organizations through audits. These competencies ensure organizations maintain robust data protection, regulatory compliance, and successful HITRUST certification.

What are some common challenges faced by professionals working on HITRUST contract compliance projects?

Professionals working on HITRUST contract compliance projects often face challenges such as interpreting complex regulatory requirements, coordinating with multiple departments to gather documentation, and ensuring that all security controls are properly implemented and maintained. Additionally, meeting tight audit deadlines and effectively communicating technical requirements to non-technical stakeholders can be demanding. These roles frequently require strong project management skills, attention to detail, and the ability to adapt to evolving compliance standards.

What is a HITRUST contract?

A HITRUST contract is a legal agreement that outlines the requirements and responsibilities for achieving or maintaining HITRUST certification, a widely recognized standard for information security and privacy in the healthcare industry. These contracts are often used between organizations and their vendors or partners to ensure compliance with the HITRUST Common Security Framework (CSF). The contract typically specifies the controls, reporting, and audit obligations needed to protect sensitive data, such as patient health information, and to meet regulatory requirements like HIPAA. Entering into a HITRUST contract can help organizations demonstrate their commitment to security and build trust with clients and partners.

What is the difference between Hitrust Contract vs Security Analyst?

Aspect | Hitrust Contract | Security Analyst
Certifications | HITRUST CSF, HIPAA | CISSP, CISA, Security+
Work Environment | Healthcare, compliance-focused | IT security teams, various industries
Employer & Industry | Healthcare providers, vendors | Any industry with cybersecurity needs

HITRUST Contract roles focus on ensuring compliance with HITRUST standards, primarily in healthcare. Security Analysts handle broader cybersecurity tasks across industries, including threat detection and risk management. While both roles require security certifications, HITRUST Contract positions emphasize healthcare regulations, whereas Security Analysts have a wider scope in cybersecurity practices.


Chief Information Security Officer

Medical Informatics Engineering/Enterprise Health

Fort Wayne, IN • On-site

$145K - $170K/yr

Full-time

Medical, Dental, Vision, Retirement, PTO

Posted yesterday


Job description

The Chief Information Security Officer (CISO) is responsible for establishing, leading, and maintaining the organization's enterprise-wide information security program. This role ensures the confidentiality, integrity, and availability of company data, systems, and infrastructure while supporting business growth in a highly regulated healthcare environment.

The CISO serves as the senior security leader for the organization, responsible for security strategy, risk management, compliance, incident response, and security operations. This role works closely with executive leadership, DevOps, business development, legal, and external auditors to ensure compliance with healthcare and international security standards, including HITRUST, HIPAA, SOC 2 Type II, NIST, and ISO.

Company Overview

We provide solutions that make a meaningful difference in healthcare. Founded in 1995, MIE serves as the innovation engine for business units that serve hospitals and health systems, physician practices, Fortune 500 employers, government agencies, and consumers. MIE's web-based health information technology platform is helping physicians, nurses, and administrators make a meaningful difference in healthcare delivery across the globe.

Key Responsibilities
  • Strategic Security Leadership:
    • Develop and implement the organization's information security strategy.
    • Provide regular security updates to the CIO, other executives, and the board of directors, including presentations on security matters.
    • Represent the organization in security-related matters with external parties, including vendors and auditors.
    • Work closely with the CIO and operate as a member of the DevOps team to emphasize and implement our security initiatives.
  • Risk Management:
    • Conduct regular risk assessments and vulnerability scans using tools like Rapid7 IVM and internal tracking systems.
    • Oversee the development and implementation of incident response plans and conduct tabletop exercises with DevOps team members.
  • Compliance and Audit:
    • Ensure compliance with relevant regulations and standards, including HITRUST, NIST, DirectTrust, HIPAA, SOC 2 (Type II), and ISO.
    • Manage internal and external security audits, including evidence collection and preparation.
    • Oversee the evidence collection process for audits, working with third-party auditors for response submission.
    • Work closely with business development and legal to assist with security compliance requirements.
    • Assist with identifying and implementing international security compliance.
  • Policy and Procedure Development:
    • Develop, review, and update information security policies and procedures, such as the Vulnerability and Patch Management Procedure and Data Center Access Procedure.
    • Ensure policies are communicated and enforced throughout the organization, including through security awareness training.
  • Security Operations:
    • Participate in the day-to-day operations of the security team and manage security tools and technologies, including Check Point, SentinelOne, and intrusion detection systems.
    • Monitor security alerts and respond to incidents, including phishing attempts reported through the various tools.
  • Team Management:
    • Lead and mentor the security team, reviewing tasks and responsibilities and working closely with the DevOps team members.
  • Vendor Management:
    • Evaluate and manage security vendors, including VDA Labs and KnowBe4, and review security agreements and contracts.
    • Perform vendor audits and maintain required documentation.
  • Security Awareness:
    • Develop and deliver security awareness training to employees, including through KnowBe4, TalentLMS, and internal training programs.
    • Provide onboarding training for new employees.
  • Budgeting and Planning:
    • Develop and manage the security budget, planning and prioritizing security projects, including funding for tools and conferences.
  • Sales and Business Development:
    • Perform first-pass responses to RFIs/RFPs for new business deals, working closely with the sales team.
Required Qualifications
  • Education:
    • Bachelor's degree or equivalent work experience.
  • Experience:
    • 10+ years of experience as a CISO or similar role, with at least 3 years of security-related leadership.
    • Proven background in systems administration.
    • Experience leading teams.
  • Certifications:
    • Certified Information Systems Security Professional (CISSP) required.
  • Skills & Knowledge:
    • Expertise in vulnerability testing, penetration testing, and developing security practices.
    • Knowledge of standards-based architecture, compliance monitoring, and enforceability.
    • Strong leadership skills with the ability to motivate and guide teams.
    • Experience in healthcare or other highly-regulated environments.
Preferred Qualifications
  • Experience in healthcare or other highly-regulated industries.

Salary Details:

Base salary range: $145,000-$170,000

Why Join Us?

At MIE and Enterprise Health, we offer more than just a job. We provide an environment where innovative thinking is encouraged, teamwork is valued, and growth is fostered. Our comprehensive benefits package includes:

  • Competitive compensation
  • Comprehensive benefits package including medical/dental/vision insurance
  • 401k with company match
  • Unlimited paid time off
  • Quarterly bonus program
  • Flexible work schedule
  • Remote work

Medical Informatics Engineering and Enterprise Health are equal-opportunity employers. We celebrate diversity and are committed to creating an inclusive environment for all employees.