5+ years of information security and compliance assessment experience.
Working knowledge of information security frameworks and regulations such as ISO27001, CSF, HIPAA, HITRUST, SOC2 and Security Breach Notification.
Experience in the healthcare industry, including proven experience working with the HIPAA Security and Privacy Rules, as well as the HITRUST Common Security Framework (CSF).
An understanding of information security technologies, including application security, access management, and data protection.
Experience and knowledge of healthcare operations and business processes Experience with information security audit procedures.
Experience assessing security vulnerabilities using other frameworks such as PCI-DSS, FedRAMP, ISO, SOC2, etc. Security Certifications such as CISA, CISM
Excellent communication skills, both written and verbal.