Healthcare Information Security Analyst - 2047101474

DESCRIPTION/RESPONSIBILITIES: What to Expect Schedule: Monday - Friday

Location: Hybrid work location working on-site in our Pittsburgh, PA office 3 days per week and from a work from home location 2 days per week.

Our comprehensive total rewards support you, your family, and your future with:  * Medical, dental, and vision insurance  * 401K + 5% company match  * Tuition assistance up to $5k per year  * Free basic life and AD&D insurance  * Free short-and-long-term disability insurance  * Paid time off  * Employee Resource Groups  * Recognition and perks

As a Healthcare Information Security Analyst, you'll get to:  * Establish, manage, and enforce Security Rule safeguards and any subsequent rules issued by OCR, ONC, FDA, NIST, CISA, and other regulatory bodies.  * Integrate information security and HIPAA compliance with the Hemophilia Center's business strategies and requirements.  * Address access controls, business continuity, disaster recovery, and incident response as part of assigned duties.  * Coordinate security awareness efforts, including staff training, in collaboration with the CISO and HIPAA Privacy Officer.  * Conduct risk and vulnerability assessments and audits for covered entity operations, Business Associates, and third parties.  * Investigate information security incidents and data breaches while implementing measures to prevent and contain future occurrences.  * Participate in the HIPAA governance committee to maintain consistent HIPAA compliance across the organization.  * Facilitate collaboration between the Hemophilia Center, the CISO, and the HIPAA Privacy Officer .

Requirements Knowledge/ Education  * Bachelor's degree in health information management, information technology, cybersecurity or equivalent combination of education and experience required.  * Demonstrated knowledge of HIPAA Security Rule and application state and federal security and privacy legislation required.  * Knowledge of the HIPAA privacy rule required.

Licenses/ Certifications  * Security certification (e.g., GIAC, CISSP) in security management from a nationally recognized organization preferred.  * Certification as Registered Health Information Administrator (RHIA) or equivalent preferred.

Experience  * Five years of related experience required.  * Experience in information security concepts, standards, and best practice required.  * Familiarity with HIPAA regulations and healthcare compliance required.  * Three years' information security experience in a regulated environment, healthcare preferred.

Skills/ Abilities  * Must possess the skills and abilities to successfully perform all assigned duties and responsibilities.  * Must be able to communicate complex and technical concepts in layperson's terms.  * Must be comfortable working with minimal supervision and employing informal leadership and emotional intelligence skills to achieve goals and objectives.  * Must be able to maintain confidentiality.  * Must have analytical, statistical, personal organization, and problem-solving skills.  * Able to organize, prioritize, and execute a variable workload and multiple priorities.  * Effective oral and written business communication skills.  * Ability to work in a team environment and participate as an active member of management.

EEO/Minorities/Females/Disabled/Veterans