Senior Consultant , IT Audit

at  CLEARWATER SECURITY COMPLIANCE LLC

ABOUT US

Clearwater Security and Compliance LLC is the leading provider of cybersecurity, risk management, and HIPAA compliance software, consulting, and managed services for the healthcare industry. Our solutions enable organizations to avoid preventable breaches, protect patients and their data, meet regulatory requirements, and optimize cybersecurity investments. More than 400 healthcare organizations, including 70 of the nation’s largest health systems and a large universe of physician groups and digital health companies, trust Clearwater to meet their cybersecurity and compliance needs.

REQUIREMENTS

The Consultant will be responsible for supporting the Consulting Services Team in delivering cyber security risk and audit management services, solutions and tools to Clearwater customers. This position requires a initiative to read, study, ask questions and learn Clearwater’s solution and service offerings, sales process, marketing materials, contract and SOW structure, methodologies, delivery standards, work tools and processes. The Consultant must rapidly embrace and become a subject matter expert and customer ambassador for Clearwater’s IRM|Pro® Software-as-a-Service (SaaS) suite.
The Consultant will dedicate 80-95% of their time working directly with Clearwater customers performing billable services. The remainder of time should be focused on authoring blogs, creating and delivering team and/or customer educational presentations, earning/retaining relevant professional certifications, networking with other professionals and participating in relevant professional organizations and events.

EXPERIENCE REQUIRED

• The candidate must hold a Certified Information System Auditor (CISA) certification (or obtain one within 12 months of hire) and must be knowledgeable and have relevant experience performing information systems audits, information systems risk analyses, and others.
• The Consultant should have excellent analytic and problem-solving skills in the information systems, security and/or privacy space. Excellent written, verbal and presentation communication skills in a customer setting is necessary.
• This position requires the ability to study and learn new subject matter and context quickly including the DEA regulations, HIPAA regulations, enforcement, and OCR audit protocols, as well as the NIST Information Risk Management framework processes. Significant interaction with both internal and external stakeholders, including colleagues, customers, partners, subcontractors, and potential investors is necessary.
• Clearwater Consultants must have strong customer service orientation and the ability to work independently on a variety of projects simultaneously, exercise good judgement and possess initiative to manage priorities.
  Requirements:

QUALIFICATIONS, SKILLS, & KNOWLEDGE

• Bachelor’s Degree
• Certified Information System Auditor (CISA) certification or the ability to obtain within 12 months of hire
• Ability to travel for the purposes of delivering customer engagements 40 – 60% of the time
• Digest SOWs, prior customer proposals, project notes, deliverables, and final reports; assimilate prior experience, relevant subject matter, data, facts, and results; and develop relevant questions of colleagues so as to hasten understanding scenarios, methodologies, processes, and “lessons learned”
• Study, earn and retain relevant additional professional certifications. Network with other professionals, participate in relevant professional organizations and events
• Author blogs, create and deliver team and/or Customer educational presentations
• Develop trusting relationships with a variety of healthcare compliance and information system professionals.
• While not required for this position, an ideal candidate will have experience performing EPCS certifications and related assessments, WebTrust, SysTrust, or SAS 70 audits.

• Complete consulting services engagements as assigned, in accordance with Statements of Work, Clearwater work standards, any relevant customer policies, and utilizing Clearwater templates and defined work processes; including, but not limited to:
  o Clearwater Audit Services, including EPCS Certifications
  o Clearwater Risk Analysis WorkShop™
  o Clearwater Risk Response WorkShop™
  o Clearwater HIPAA Security Assessment WorkShop™
  o Clearwater HIPAA Privacy and Breach Notification Assessment WorkShop™
  o Clearwater Remote Risk Analysis for Medical Practices/SMBs™
  o Clearwater Information Risk Management Capability Assessment™
  o Clearwater Strategic 9/10-Point HIPAA Compliance Assessment™
  o Interim Privacy/Security Officer engagements
  o Clearwater Consulting Services related to development of HIPAA policies and procedures; HIPAA compliance and/or security controls gap remediation; Business Associate management

o Clearwater Cyber Risk Services™

• Study, learn, test, document, execute and seek to continuously improve scalable consulting services processes, end-to-end to effectively deliver customer engagements while achieving a high level of Customer satisfaction
• Develop, document, test, and continually improve training programs and materials to support and encourage Customer adoption and retention of Clearwater SaaS software
• Provide technical sales support services as assigned, especially in creation of information asset inventories, project analysis and estimation of effort
• Customizing and continuously improving customer initial engagement, kick-off, planning and on-site presentations
• Develop and continuously improve tools and templates (Basecamp project and to do Lists; report templates; surveys; worksheets; etc.) used in delivering customer engagements and training subcontracted resources.
• Actively participate in development of strategies and development and execution of tactics supporting business development activities
• Conduct on-line SaaS training and orientation sessions with customers
• Participate and present in Clearwater educational and promotional activities and events such as delivery of HIPAA and information risk management educational webinars, customer council meetings, and the like
• Assist with development of test cases and provide support with testing SaaS software
• Assist with other assignments befitting skill, knowledge and experience set,
• Actively participate with team in development of strategies and development and execution of tactics supporting the growth and scalability of the company.