DevSelect
Security Assessment Analyst
DevSelect, Seattle, Washington, us, 98127
Position:
Security Assessment Analyst
Number of openings:
2
Type:
Contract
Duration:
8 months
Industry:
Healthcare
DevSelect has a local client looking to fill 2 positions on their Security team for 8 months. Below is a description and skills list for the desired candidates:
Conducting Express AssessmentsExpress Assessments are simple yes/no questionnaires designed to quickly assess a system's compliance with the 100 HITRUST Common Security Framework (CSF) controls that directly align with HIPAA and HITECH regulations. Assessors will be expected to complete the following tasks:
Identify inherited organizational controls and likely threats based on a system's Environment Survey
Guide system owners and administrators through completion of the Express Assessment Questionnaire in face-to-face interviews
Identify control gaps between implemented or planned controls and required controls
Record findings in the risk registry
Assemble reports using standardized risk statements and mitigation recommendations
Present findings to system owners and administrators
Deliverables:
Three Express Assessments completed each week
Conducting Standard AssessmentsStandard Assessments are an extension of the Express Assessment process that requires the system owner or administrator to document implemented or planned controls. Control documentation is evaluated by the assessor against the 100 HITRUST CSF controls that directly align with HIPAA and HITECH regulations. Assessors will be expected to complete the following tasks:
Identify inherited organizational controls and likely threats based on a system's Environment Survey
Guide system owners and administrators through completion of the Express Assessment Questionnaire in face-to-face interviews
Assist system owners in documenting implemented or planned controls
Assess documented controls to determine if they are sufficient to mitigate risk
Write risk statements and mitigation recommendations
Record findings in the risk registry
Write reports in the standard format
Present findings to system owners and administrators
Track findings and mitigation plans
Deliverables:
One Standard Assessment completed each week
Required skills
Experience conducting risk assessments
Thorough understanding of HITRUST CSF, NIST RMF, and/or ISO ISMS
Excellent oral and written communication skills
Ability to communicate and work with technical and non-technical people
Ability to work with minimal supervision
Desired skills
Experience working in academic healthcare
SharePoint design/development
Experience developing or managing Linux, Windows, and/or healthcare applications
#J-18808-Ljbffr
Security Assessment Analyst
Number of openings:
2
Type:
Contract
Duration:
8 months
Industry:
Healthcare
DevSelect has a local client looking to fill 2 positions on their Security team for 8 months. Below is a description and skills list for the desired candidates:
Conducting Express AssessmentsExpress Assessments are simple yes/no questionnaires designed to quickly assess a system's compliance with the 100 HITRUST Common Security Framework (CSF) controls that directly align with HIPAA and HITECH regulations. Assessors will be expected to complete the following tasks:
Identify inherited organizational controls and likely threats based on a system's Environment Survey
Guide system owners and administrators through completion of the Express Assessment Questionnaire in face-to-face interviews
Identify control gaps between implemented or planned controls and required controls
Record findings in the risk registry
Assemble reports using standardized risk statements and mitigation recommendations
Present findings to system owners and administrators
Deliverables:
Three Express Assessments completed each week
Conducting Standard AssessmentsStandard Assessments are an extension of the Express Assessment process that requires the system owner or administrator to document implemented or planned controls. Control documentation is evaluated by the assessor against the 100 HITRUST CSF controls that directly align with HIPAA and HITECH regulations. Assessors will be expected to complete the following tasks:
Identify inherited organizational controls and likely threats based on a system's Environment Survey
Guide system owners and administrators through completion of the Express Assessment Questionnaire in face-to-face interviews
Assist system owners in documenting implemented or planned controls
Assess documented controls to determine if they are sufficient to mitigate risk
Write risk statements and mitigation recommendations
Record findings in the risk registry
Write reports in the standard format
Present findings to system owners and administrators
Track findings and mitigation plans
Deliverables:
One Standard Assessment completed each week
Required skills
Experience conducting risk assessments
Thorough understanding of HITRUST CSF, NIST RMF, and/or ISO ISMS
Excellent oral and written communication skills
Ability to communicate and work with technical and non-technical people
Ability to work with minimal supervision
Desired skills
Experience working in academic healthcare
SharePoint design/development
Experience developing or managing Linux, Windows, and/or healthcare applications
#J-18808-Ljbffr