Security Audit and Compliance Lead- HITRUST

Remote, United States

Datavant Remote-first

Published 1 month ago

Hey, this job isn't fresh anymore! 👉 Find fresh remote jobs here

Datavant is a data logistics company for healthcare whose products and solutions enable organizations to move and connect data securely. We are a data logistics company for healthcare whose products and solutions enable organizations to move and connect data securely. Datavant has a network of networks consisting of thousands of organizations, more than 70,000 hospitals and clinics, 70% of the 100 largest health systems, and an ecosystem of 500+ real-world data partners.

By joining Datavant today, you’re stepping onto a highly collaborative, remote-first team that is passionate about creating transformative change in healthcare. We hire for three traits: we want people who are smart, nice, and get things done. We invest in our people and believe in hiring for high-potential and humble individuals who can rapidly grow their responsibilities as the company scales. Datavant is a distributed, remote-first team, and we empower Datavanters to shape their working environment in a way that suits their needs.

As a leader within the larger Information Security organization, your mission is to help Datavant in achieving and maintaining HITRUST. You have deep expertise in developing, managing, and executing HITRUST compliance audits. You are an experienced industry professional with the keen ability to understand IT security processes, controls, and communicate across a variety of audiences. You will join our team in leading the HITRUST roadmap for Datavant.

You will:

Develop, implement, and manage a comprehensive HITRUST compliance program that aligns with industry standards and ensures ongoing compliance.
Develop and maintain project plans, timelines, and milestones for HITRUST certification.
Facilitate audit procedures and evidence gathering with external auditors and internal partners
Communicate effectively and regularly with internal teams, external auditors, and customers
Manage a wide range of compliance and control efforts relating to HITRUST and audits; coordinate remediation efforts throughout the organization, analyze risks, and implement mitigation actions
Create a comprehensive HITRUST program utilizing unified control frameworks and monitoring of controls to ensure alignment with other control frameworks such as NIST CSF, CIS, etc.
Oversee issue, gap and remediation plans, compensating and mitigating control activities and retesting; scale and standardize the deviation process.
Create standard operating processes for managing changes to the control environment, managing HITRUST, and guiding control owners in readiness.
Liaise with customers and auditors, articulating control implementation, and describing considerations for applying security and compliance concepts to a technical environment.