HIPAA SME/Technical Analyst - OCR (Remote/Hybrid)
Chickasaw Nation Industries

It's fun to work in a company where people truly BELIEVE in what they're doing!

We're committed to bringing passion and customer focus to the business.

Please note that CNI is closely monitoring Executive Orders and will be following any final decisions or mandatesregarding the COVID-19 Vaccination as a federal contract provider.

*Preference will be given to local candidates due to the need for on-site presence at least one day/week as part of the hybrid/remote work arrangement.

SUMMARY

The HIPAA Subject Matter Expert/Technical Analyst supports the Health and Human Services (HHS), Office for Civil Rights (OCR). This position promotes the right to access health information and protection of the privacy and security of this information. These highly trained and highly skilled consultants and

analysts are integral to the success and performance of OCR and to further OCR's mission.

ESSENTIAL DUTIES AND RESPONSIBILITIES

Essential duties and responsibilities include the following. Other duties may be assigned.

Reviews security and privacy complaints, data breach notification and cybersecurity incident reports and other correspondence and evidence to determine whether complaints, self-reported breaches or breach notification reports indicate non-compliance with the HIPAA Security Rule. Reviews data provided by the healthcare organizations across the nation to assess the overall impact of security and privacy incidents.

Evaluates and determines the technical sufficiency of submissions from HIPAA covered entities and business associates in response to data and documentation requests (i.e. Assessing reports related to security baselines, penetration tests, vulnerability assessments, and digital forensics).

Document processes, standard operating procedures and system requirements; develops reports summarizing the analysis along with formulating recommendations for OCR to consider for future action.

Develops written reports with technical security analyses, summaries, and

recommendations for action, reports on root causes of problems, efficiency, and support needs.

Provides expertise in the development and evaluation of health information privacy policies and technologies, specifically regarding protected health information; deidentified/re-identified health information; limited data sets.

Provides subject matter expert analysis, evaluation, and recommendations based on national security standards (NIST), industry best practices from the International Organization for Standardization and implementation specifications of the HIPAA Security Rule.

Provides din designing, implementing, and managing information security, data protection, and risk management programs, including policies, procedures, and controls for protected health information based on HIPAA requirements.

Provides advisory expertise in the areas of risk analyses, vulnerability assessments, incident response, security architecture, physical security, business continuity and disaster recovery, enterprise mobility, threat intelligence and analysis, security awareness and online safety, and resolution of highly.

Ability to work well with programmers, developers, content managers, and other key personnel in an interactive development situation.

Responsible for aiding in own self-development by being available and receptive to all training made available by the company.

Plans daily activities within the guidelines of company policy, job description and supervisor's instruction in such a way as to maximize personal output.

Promotes and encourages a culture of compliance with all applicable rules (federal, state, local, Federal Acquisition Regulations, Code of Federal Regulations, Prime Contract requirements, etc.) for themselves and the company as a whole. Fosters an environment in which they will reportanyviolations or reasonably suspected violation of CNI policy, FAR, and/or CFR and are comfortable discussing the myriad compliance, conflict, FAR, CFR, etc. issues that arise during the performance of a government contract.

EDUCATION/EXPERIENCE

Minimum educational experience is a Bachelor's degree from an accredited university with the focus on Cybersecurity, Computer Science, Information Sciences or other comparable fields of study. Preference will be given to candidates with relevant industry certifications from CISSP, CISM, CIPP/CIPT/CIPT.

CERTIFICATES / LICENSES / REGISTRATION

Federal Government guidelines require US Citizenship or Green Card.

Must have ability to obtain a Public Trust Clearance.

JOB SPECIFIC KNOWLEDGE / SKILLS / ABILITIES

Fundamental knowledge of basic systems analysis.

Knowledge of a broad range of relevant computer systems, applications, and/or related equipment.

Knowledge of computer security procedures and protocol.

Basic knowledge of advanced operating system, network, or application management tasks.

Knowledge of current technological developments/trends in area of expertise.

Knowledge of federal copyright laws as they pertain to the use of computer software.

Ability to integrate emerging technologies and applications into current environment and to identify technical specifications to meet user needs including operating system and network or application configuration.

Ability to identify technical specifications to meet user needs including operating system and network or application configuration.

Skills in planning, organizing, and adapting within a multi-tasking environment.

Strong interpersonal skills, flexibility, and customer service orientation.

Ability to gather facts and data for technical proposals and to expand upon them or develop alternatives and to evaluate emerging technologies and identify their potential impact within the existing environment.

Ability to evaluate emerging technologies and identify their potential impact within the existing environment.

Ability to analyze complex computer problems and provide solutions.

Ability to communicate effectively, both orally and in writing.

Ability to communicate technical information to non-technical personnel.

Ability to develop and deliver presentations.

Responsible for the integration of CNI Core Competencies into daily functions, including: commitment to integrity, knowledge/quality of work, supporting financial goals of the company, initiative/motivation, cooperation/relationships, problem analysis/discretion, accomplishing goals through organization, positive oral/written communication skills, leadership abilities, commitment to Affirmative Action, reliability/dependability, flexibility and ownership/accountability of actions taken.

All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, age, marital status, pregnancy, genetic information, or other legally protected status.

*For Colorado candidates - In compliance with Colorado's Equal Pay for Equal Work Act, the salary range for this role is $100K to $120K annually; however, Chickasaw Nation Industries considers several factors when extending an offer, including but not limited to, the role and associated responsibilities, a candidate's work experience, education/training, and key skills.

#indcni

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!