Information Security Analyst

Guided by the by HIPAA/HITECH Security Requirements, the Office of Civil Rights (OCR) audit protocols, the Health Information Trust Alliance’s (HITRUST) Common Security Framework (CSF), and emerging lessons learned from the Office of Inspector General (OIG), BluePrint combines the science of fact-based risk analysis with the art of our consultants’ extensive experience in technology, security and privacy to derive overall risk.

BluePrint encourages client partnerships to enhance evolving security needs supporting healthcare transformation. By actively engaging senior executives and team members, we are able to not only mitigate risk, but analyze findings to expose overall trends that point to underlying or foundational issues. BluePrint’s proven methodology achieves real gains in data protection and risk mitigation to align every organization’s business and strategy objectives.

Overall Responsibility:

The primary responsibilities for this position will include managing and performing technical information security assessments for networks, systems, applications and databases according to the HIPAA Security Rule and various other standards such as NIST, ISO, and HITRUST depending on the specifics of the engagement. In addition, this position will require recommending appropriate security controls to address vulnerabilities found during the assessments and ongoing consultation with clients regarding remediation of identified risks and sales support in terms of cost estimation for prospective engagements and proposal contribution and review. This position offers considerable growth potential as BluePrint expands its services and solutions and grows its client base. The ideal candidate will have experience effectively planning and conducting technical security tests and evaluating networks, systems, applications and databases for healthcare organizations, and managing project efforts of team members. In addition, the candidate must have experience in the following: information security controls and best practices, project management, regulatory compliance and IT auditing. Candidates will be expected to be team oriented with a significant business acumen to ensure our client’s business objectives and goals are reached.

Qualifications:

  • 3-5 years information technology experience required
  • 3+ years Information security vulnerability assessment, evaluation, and remediation
  • 3+ years IT systems or network administration experience
  • 1+ years technical/penetration testing experience
  • 2+ years application development experience preferred
  • Demonstrated project management skills; must plan and manage multiple concurrent customer engagements, report on progress, identify and communicate risks and issues, and meet schedule, scope, and profitability targets
  • Experience in risk management and compliance preferred
  • Ability to recognize opportunities for process improvement and increased efficiency, and effectively work with management to define and implement enhancements
  • Healthcare background preferred (hospital, pharmaceutical, medical devices, etc.)
  • PCI or other regulatory background preferred
  • Excellent written/verbal communication & interpersonal skills

Education:

  • Bachelor’s degree preferred
  • Security + required; CISSP, CISM or HCISPP certification preferred
  • Technical Certifications a plus, i.e. SANS, CEH, CCSP, MCSE

Job Location: Main Office is located in Cranbury, NJ (Daily travel to client sites within NJ and the tri-state area is required, some potential for national travel); possible remote work opportunities.

Experience Requirements:

  • Proven execution record of leading an information security program (five years in management)
  • Bachelor’s degree in computer science or business or equivalent experience required
  • Two years’ experience in a similar position or five years management experience in an information systems environment
  • Information Security Certification (CISSP, GSEC or CISM) required
  • HITRUST Certification Preferred
  • Project Management certification (PMP or equivalent) preferred


Job Location: Tri-State Area / some US travel

Reports To: VP & CISO, SPAC

Job Role: Director

Joining Date: ASAP

Employment Status: Full Time

Employment Type: Employee

Manages Others: Yes

Department: S-PAC

 If interested in this open position, please send your resume to Kimberly Gollinot, Employee Services Manager.