The primary responsibilities for this position will include conducting operational and technical information security assessments against the HITRUST CSF. In addition, this position will require contributing to client projects in which appropriate security controls to address gaps found during the assessments are recommended. This position offers considerable growth potential as Intraprise Health expands its services and solutions and grows its client base.  This position will receive a high degree of coaching and knowledge development in the field of information security and will work directly with senior information security consultants on client-facing projects. 

As the leading security and privacy framework in the healthcare industry, HITRUST serves to benchmark, remediate, monitor, and mature an organizations security/privacy management program. In this role, you will be at forefront of helping our customers achieve this. 

A strong leadership and collaborative background, willingness to learn and good work ethic will be necessary for success in this position. The employee will gain hands on experience while participating in critical business projects aligned with company goals.  

Roles and Responsibilities: 

• Critical thinking and initiative to learn new areas  
• Understanding of/experience in the healthcare industry a plus 

• Security +, SSCP, or more advanced security certification highly preferred (current or pursuing) 
• If not currently certified, willingness to pursue certification as an employee required 
• Excellent communication skills required 
• Assist the business unit executive in managing the overall HITRUST service project schedule. 
• Direct and frequent involvement in sponsor, client, and customer relations to ensure that service expectations are met. 

• Identify, document, and driving issues and risks to resolution / mitigation and when necessary escalate to leadership for assistance. Develop decision documents for options to resolve issues / risks. 
• Adhere to Program Management Office policies, procedures and methodologies.  
• Assist in establishing and improving project management methodologies, procedures and policies. 
• Stay current on all HITRUST CSF advisories, CSF versions and applicable regulatory factors. 
• Knowledge on threat landscape, security threat and vulnerability management, and security monitoring and analytics. 

• Responsible for tracking and managing submission tasks. 
• Experience in customer-facing projects a plus 
• Other duties, tasks and responsibilities, as needed. 

Required/Preferred Skills: 

• Proficient in conflict management and project management. 

• Experience and familiarity with HIPAA, HITRUST, SOC 2, and NIST CSF. 
• Proven experience working on projects that have significant business implications. 
• Experience with projects that have multiple stakeholders. 
• Ability to manage engagements with -executive level- visibility and interaction. 
• Excellent communication skills. 

• Ability to handle high pressure situations with key stakeholders. 
• Working knowledge and experience with MS office with proficiency in Excel. 

Educational Qualifications: 

• Bachelor’s Degree in Business, Management of Information Systems, or equivalent experience 
• Additionally, one or more certification in information security domain is preferred. 

• CISSP 
• PMP 
• HCISPP 
• Security+ 

If interested please send resume to jobs@intraprisehealth.com and reference HITRUST/Information Security Consultant in the subject line

• Location – Westchester, PA/Remote 
• Total Experience – 2-5 years 
• No. of openings: 03 
• Travel – Up to 25% 

Why Work Here?  

• Collaborate with passionate Healthcare IT Security Professionals.  
• Fast-paced environment.  
• Exposure to a multitude of products, technologies, service-lines, and disciplines.  
• Flexible work environment, schedules, etc.  
• Ample growth opportunities.  

About Intraprise Health  

Intraprise Health is an award-winning eHealth cybersecurity solutions firm and a Certified HITRUST Assessor.  

We provide tech-enabled health information security products and services to assess, remediate, and monitor our customers’ cybersecurity risk, regulatory compliance programs, organizational resilience, and related third-party vendors’ security posture.