Security Consultant

California  ‐ Onsite
This project has been archived and is not accepting more applications.

Description

Security Consultant needed in Pasadena, CA - WE WANT TO TALK TO YOU!

As a global business and technology consulting services leader, Enclipse focuses on delivering tangible solutions. 

By employing a team committed to questioning and challenging the status quo, Enclipse has established a culture that encourages independent thought, innovation, and flexibility.

If you join Enclipse, you can expand your technology platform while working for the Nation's most dynamic Health Care Leader.

We Provide:

  • Class A Benefits that Start ASAP
  • The Personal Touch -- You deserve it, We deliver it!

BB38459

Contract to Hire

Contract Terms: W2

Pasadena, CA 91124

CONTRACT TO HIRE OPPORTUNITY:
The SOX and Compliance Sustainability Lead provides subject matter expertise from technical, project management and business consulting perspective in support of Care Delivery BIO SOX and Compliance activities. Members of this team work across a number of SOX related initiatives to ensure appropriate processes, procedures and controls are adequately designed, implemented or remediated to meet audit and compliance expectations, operating efficiency goals, and other business objectives. 

The continued evolution of Health Care reform has driven unprecedented changes in the regulatory and Compliance landscape within the Health Care industry. In the Care Delivery BIO, you will be responsible for partnering with business and technology constituencies to address these evolving challenges by embedding risk management and compliance management competencies into day to day activities. The success of this team requires dedicated professionals who possess the analytical, feasibility, relationship and executive summary skills needed to form highly reliable risk management strategies to meet various SOX/Compliance requirements. 

At the Consultant/Specialist level you will provide advanced compliance analysis and consultation for the Care Delivery BIO SOX and Compliance Organization. In addition, you will possess the analytical, feasibility, business case and executive summary skills needed to form highly reliable risk management strategies to meet various compliance requirements. 

Essential Functions: 
Developing an in depth understanding of the broad regulatory landscape impacting CLIENT business areas. Remain current with emerging regulatory sentiments as well as solution trends in the marketplace. 
Assessing the impact of laws and regulations on CLIENT systems and technology. Work with other risk organizations to shape organizational control policies and standards. 
Lead risk/security assessment studies to validate perceived risks. Perform interviews, document design assessments, and walkthroughs of key controls (both new and existing). 
Lead cross-functional remediation teams in developing processes using requirements gathered from clients and engineering. 
Exhibit pragmatism in formulating process remediation and implementation strategies, defining work tracks, and submitting assessment findings and recommendations.
Design sustainment strategies and measurement systems to ensure that requirements can continue to be maintained over time. 
Develop and nurture trusted relationships with Business Partners, CLIENT IT Executives, Security & Compliance Officers and other Compliance Team Members to gain consensus approvals on strategies, recommendations, findings, project plans, etc. 
Serve as single-point-of-contact for assigned applications or application groupings by providing SOX guidance directly relevant to an application's architecture and technology landscape. 

Day-to-day tasks include gathering information; documenting existing processes, issues and recommendations in support of our strategies; collating and producing executive summary presentations related to findings and recommendations; and developing, designing and driving remediation work streams. Other tasks may include working with project teams and participating in the development of design requirements and business cases to ensure compliance requirements are met. Work proactively with project and program managers to resolve issues.

Scope of the project:
This is a contract to hire opportunity and not project based. The nature of the work is SOX and HIPAA compliance design work and corrective remediations 

Top 3 preferred skills: Working knowledge and experience with
1. Designing and implementing SOX and HIPAA IT controls,
2. Audit of IT controls using COBIT based approach,
3. Ability to write/author compliance narratives 

Top 5 daily responsibilities:
1. Discovering/designing/documenting solutions for out of compliance instances,
2. Authoring impact assessments/risk analyses,
3. Driving remediation for Corrective Action Plans (CAPs),
4. Developing controls requirements for new application implementations,
5. Incident management 

# of team members: 10 
Who will contractor report to: Nadine Turner, Manager SOX & Compliance, CD BIO 
Will they have any direct reports: No 

Top 3 preferred personality traits: 
1. Curiosity and drive to "fix/remediate" issues, 
2. Team-minded orientation with a desire to collaborate 
3. Ability to listen, receive feedback and adjust as needed 

Education requirements:
Formal degree not required. Must have business experience establishing expertise and/or any of the recommended certifications listed in the requisition 
Will the contractor be working in a medical facility more than 50% Y/N: No 

Travel required: Negligible 

Basic Qualifications: 
Bachelor's degree in related field and/or 4 years of equivalent experience. 
A minimum of 12 years of experience in documenting functional requirements, analyzing business processes, and developing business cases to support IT solutions.
8+ years technology risk management experience and at least 4 years SOX experience (e.g., Audit, SOX, Compliance, etc.) in a highly regulated industry. This would include the following disciplines:
a. Current information security and compliance vendor landscape 
b. Control frameworks such as COSO and COBIT 
c. Regulatory requirements in particular: SOX, HIPAA, PCI-DSS, Privacy 
Candidate should demonstrate versatility with a track record of experience in interpretation and application of a broad spectrum of regulatory imperatives. 
Proven Experience in performing broad scale, complex IT Security Assessments. 
Excellent written and verbal communication skills, with strong expertise in Excel and PowerPoint.
Strong client relationship focus with business sponsors, enterprise architects, and information security engineers to articulate business case and technology options. 
Ideal candidate is a change driver and has a strong track record of influence in very large, consensus-driven organizations. 
Candidate functions effectively as both a Manager as well as an individual contributor. 
Solid understanding of Enterprise Risk Management and Strategy frameworks as well as understanding of current enterprise threat scenario as related to healthcare 
The Business Consultant/Specialist will be required to know or learn the CLIENT-IT program and process methodology and to execute it within the established CLIENT and CLIENT-IT organizational framework and oversight processes.

Preferred Qualifications: 
Certified Information Security Analyst/Manager (CISA/M) designation 
Experience in internal consulting and customer account management; defining engagement scope, negotiating commitments, gathering requirements, defining deliverables, designing integrated solutions, and overseeing technical implementations considered a plus 
Minimum four years experience as a SOX Auditor, with strong GCC (all domains) and information security background including current vulnerabilities 
Proven experience proposing enterprise level solutions to mitigate risk of receiving a material weakness in IT general controls 
Experience in the health care industry

Start date: n.a
From: Enclipse Corp.
Published at: 25.07.2013
Project ID: 572622
Contract type: Freelance