WS Audiology is a global leader in the hearing aid industry. Together with our 12,000 colleagues in 130 countries, we invite you to help unlock human potential by bringing back hearing for millions of people around the world.
Our portfolio of technologies spans the full spectrum of hearing care, from distinct hearing brands and digital platforms to managed care, hearing centers and diagnostics locations.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Risk Management
Provides development guidance and assists in the identification, implementation and maintenance of the Company's privacy and security policies and procedures in coordination with HIPAA, FedRAMP or PCI.
Performs information security risk analysis and periodic information system activity audits to assess the risk level and vulnerabilities of the security processes. Results of security audits will be reviewed for corrective action to address any identified vulnerabilities.
Training and Awareness
Assists the HIPAA Privacy Officer in developing training and orientation on HIPAA policies, oversees the delivery of security training to Company Staff, and facilitates and promotes activities to foster information security awareness within the Company.
Compliance
Coordinates the information security compliance activities and ensures that the Company's security practices are consistently applied by Company Staff, contractors and business associates of the Company, and will report failure to comply to Company management for further action.
Works with the HIPAA Privacy Officer to review system-related information security plans throughout the Company's network to ensure alignment between security and privacy practices.
Monitors internal control systems to ensure that appropriate information access levels and security clearances are maintained. Access levels to PHI are assigned according to job function and terminated when employment of a Company Staff member ends.
Customer and Supplier Assurance
Support the implementation of supplier security governance frameworks and policies. Conduct security assessments and audits of suppliers to ensure compliance with organizational standards and industry best practices. Collaborate with suppliers to address identified security gaps and ensure the implementation of effective security controls. Maintain an up-to-date inventory of supplier security postures and risk profiles. Monitor supplier compliance with contractual security requirements and regulatory standards.
REQUIREMENTS:
CISM, CRISC, COBIT, CISSP certification or equivalent preferred.
Minimum 10 years of experience in security governance, risk assessment, compliance and audit; operations/administration experience with various security technologies (e.g. SIEM, AV, EDR, PAM).
Minimum 10 years of experience in performing enterprise risk assessment, with a proven track record in planning, coordinating and executing these assessments based on recognized standards and requirements.
Familiar with current security technologies and the overall security threat landscape, and with strategy to overcome common challenges in information security implementation and operation.
Knowledge of network infrastructure and database applications; knowledge in dealing with HIPAA, FedRAMP, PCI and other relevant legislation.
Possesses critical thinking and complex problem-solving skills and has a strong risk and control mindset.
Must be a self-starter and team player with strong communication and influencing skills and the ability to work effectively across.
Must maintain up-to-date knowledge of IT and information security technology and threat trends, as well as general strategy to overcome IT and information security risks.
The Company provides equal opportunity to all employees and prospective employees without regard to race, color, creed, religion, national origin, ancestry, sex, age, physical or mental disability, marital status, pregnancy, genetic information, sexual orientation, gender identity, protected veteran or military status, or any other consideration not related to the person's ability to do the job or otherwise made unlawful by federal, state, or local law.