HIPAA Manager/Practice Lead
STATUS: FULL-TIME EXEMPT
CyberGuard is an IT Security Audit and Compliance Firm based in the United States that serves clients around the globe. Our leadership team has over 150 years of combined business management, operations, and related information technology (IT) experience. CyberGuard has performed thousands of SOC, PCI, HITRUST, ISO 27001 and other IT audits. Unlike most traditional CPA firms, which focus on financial statement auditing and tax compliance, CyberGuard focuses on Cybersecurity (InfoSec) and IT security compliance-related services.
CyberGuard Compliance offers a competitive salary commensurate with your experience. We strive to enrich our team’s lives and offer various health and wellness benefits, paid time off, and an environment that celebrates continuous learning and development.
CyberGuard Compliance promotes diversity of thought, culture, and background. We celebrate what makes us different and are committed to building a team that represents various experiences. All employment is decided based on qualifications, merit, and business need.
The HIPAA Manager will be responsible for building an in-house HIPAA program. You come from a background that is used to interacting with a diverse group of people. You have the knowledge and experience of HIPAA assessments and security to complete projects independently. You are highly motivated, thrive in a rapidly changing environment, and are quick to learn new systems. Along with building a HIPAA program, you will serve as a liaison with the external clients and coordinate with the Sales, Delivery, Reporting, and Accounting Departments.
This position has no direct supervisory responsibilities.
ESSENTIAL DUTIES AND RESPONSIBILITIES
- Execute HIPAA Security and privacy assessments from start to completion without assistance, within budget and timeline.
- Build up a HIPAA compliance practice that performs audits on small to Enterprise level entities.
- Be considered an SME on HIPAA by previous clients.
- Lead client audit engagements from start to completion, which includes coordinating, executing, and reporting on internally staffed and co-sourced audits.
- Design and create test procedures for HIPAA security and privacy controls testing.
- Lead and perform multiple projects and balance competing priorities in a rapidly growing, fast-paced, team environment.
- Lead all aspects of audits, including risk assessments, audit planning, audit testing, control evaluation, draft report review, and follow-up and verification of issue closure.
- Manage engagement project plans, timelines, budgets, and economics.
- Document and review audit workpapers, results, and reports.
- Complete assignments in an efficient manner while ensuring high quality is maintained.
- Perform audit work in accordance with firm methodologies and professional standards.
- Manage and perform position duties to ensure annual targets and goals are met.
- Conduct interviews with client personnel, and address client questions regarding clarification of controls and processes.
- Present and communicate status and findings to clients.
- Proactively interact with key client management to gather information, resolve problems, and identify recommendations for business and process improvements.
- Develop working relationships with personnel from various functional areas.
- Acquire an understanding of clients’ business, including objectives, services, operations, processes, IT systems, and controls.
- Demonstrate and maintain technical competency in audit, compliance, and security areas.
- Continue to learn from daily job experience and the study of internal audit standards, procedures, tools, and techniques.
- Research and recommend process, security, technology, operations, and compliance enhancements.
- Participate in team and company-wide initiatives aimed at continually improving firm processes and offerings.
- Occasional evening and weekend work may be required as job duties demand.
- Perform other duties and responsibilities as needed.
REQUIRED EDUCATION, EXPERIENCE AND CERTIFICATION
- A background in HIPAA Security and Assessments and the ability to interact and effectively communicate with all levels and positions within an organization.
- Have prior experience building up a HIPAA compliance practice that performs audits on small to Enterprise level entities.
- Bachelor’s or Master’s degree in relevant field strongly preferred. Extensive relevant experience and several relevant certifications required in lieu of a Bachelor’s degree in the relevant field of study.
- Hold relevant certifications (e.g., CISA, CISM, CISSP, CGEIT), or able to obtain within one year of employment.
- 6+ years of experience in performing HIPAA risk assessments, HIPAA remediation activities, and HIPAA advisory services.
- Awareness of other prevailing IT risk management and cybersecurity risk management standards (COBIT, NIST CSF, ISO, etc.).
- Understanding of cloud platforms and technologies is preferred.
- Experience as a successful HIPAA auditor.
- A successful background in both consulting and industry.
- Proficiency with, or the ability to quickly learn, the organization's software systems.
- Strong project management, time management, analytical, interpersonal, attention to detail, and organizational skills.
- Professional interpersonal skills with a dedication to superior client service.
- Ability to build effective internal and client relationships with a positive and cooperative attitude.
- Willing to take personal responsibility/accountability, and to go beyond expectations.
- Ability to work independently with minimum supervision and prioritize multiple objectives in a rapidly changing environment.
- Sound judgment and ability to maintain utmost confidentiality.
- Ability and willingness to travel (up to 15%).
This job operates in a professional virtual remote work environment. While performing the essential functions of this job, the employee is required to stand and sit for prolonged periods. Specific vision abilities required include close and medium distance vision and the ability to adjust focus. Must be able to hear normal sounds, distinguish sound as voice and communicate through human speech. This position requires the ability to routinely operate a keyboard, computer mouse, telephone, fax, scanner, copier, writing tools, scissors, and other standard office equipment. On occasion, an employee will be asked to lift items weighing up to 25 lbs.
Matching 401k Plan
Paid Sick Time
Unfortunately, at this time, we can’t consider candidates that require sponsorship or are outside of the United States.
CyberGuard Compliance, LLP is an Equal Opportunity Employer.