Lead - IT Security Specialist (Flexible Work Arrangement)
Look for more than answers.
Patients and Physicians rely on our diagnostic testing, information and services to help them make better healthcare decisions. These are often serious decisions with far-reaching consequences, and require sensitivity, tact and a clear dedication to service. It’s about providing clarity and hope.
As a Security Specialist, you will work for the world leader in the industry, with a career where you will have the opportunity to collaborate and affect change while expanding your leadership skills and technical knowledge. You can make a real impact in a market that is growing and developing.
Quest Diagnostics seeks a highly motivated professional as a Lead IT Security Governance and Compliance Specialist to help plan, design, maintain and implement enterprise information security program level controls with a focus on emerging threats, regulatory requirements, and industry best practices such as HIPAA/HITECH, PCI, NIST, CSF, SOX, CCPA, etc.
The ideal candidate will be a self-starter and have an inquisitive, analytical mind that constantly looks for solutions to difficult problems. The specialist must have the ability to convey technology and security concepts to management and ideally has technical knowledge and/or experience in security with a proficiency in the NIST risk management framework with the ability to assess administrative and technical controls.
A successful candidate must be driven and goal-oriented with the ability to complete tasks with limited supervision within an evolving and entrepreneurial environment. The Security and Governance Compliance Specialist will work with other departments throughout the Quest Diagnostics organization and must be detail-oriented to successfully manage multiple projects at the same time.
* Responsible for the security assessment and authorization and continuous compliance based on the NIST, FIPS and OMB requirements
* Responsible for execution of the company PCI compliance program and annual audit as well as support strategic objectives enabling continuous compliance with the applicable security standards and requirements.
* Serve as key resource for IT Security to ensure compliance to government and regulatory requirements and assess compliance, quality and cyber security risk within the organization and recommend solutions to mitigate and reduce IT risks, while improving compliance
* Conduct controls mapping exercises between company policy and regulations, laws, frameworks, etc.
* Provide education, guidance and consultative support for framework (e.g. NIST) or regulatory requirements (e.g. HIPAA) in order to respond to all IT risk & compliance inquiries in a timely manner.
* Strong understanding of best practices for information security and data privacy
* Strong background implementing and managing regulatory requirements and security frameworks such as HIPAA/HITECH, NIST, PCI, GDPR, State Privacy Laws, 21 CFR Part 11, HITRUST, ISO 27001, FISMA, Service Organization Control criteria (SSAE 18 / SOC), EHNAC
* Bachelor’s degree and 5-7 years’ experience in IT Security, IT Risk Management, Compliance, Privacy or related field. IT Security certifications are a plus, e.g. CISA, CRISC, CISM, CISSP, HCISSP
Knowledge Skills and Abilities
* Highly motivated individual with excellent organizational skills and the ability to stay on top of a variety of commitments and deadlines; must be able to work independently and as a team to maintain workload, and report on problems or progress in a timely manner
* Strong time management skills (schedules, timelines, and task prioritization) and ability to work with minimal supervision or guidance
* Excellent communication, analysis and collaboration skills are essential
* Knowledge of and ability to use and influence organization’s policies, standards, and procedures guiding organizational processes
* The ability to be flexible with others, to display tact and diplomacy, and to maintain a high degree of confidentiality
* Operate as a consultant, researching and recommending changes to enhance or streamline information security procedures.
* Strong interpersonal skills with a proven ability to work well within a team environment while accomplishing individual projects
* Microsoft Excel and RSA Archer
Join us for competitive benefits and development opportunities in a progressive and supportive environment. Help us improve our service, and the experiences of our patients and colleagues. Work with us and together we can be better.
Your Quest career. Seek it out.
All requirements are subject to possible modifications to reasonably accommodate individuals with disabilities. Quest Diagnostics is an Equal Opportunity Employer: Women / Minorities / Veterans / Disabled / Sexual Orientation / Gender Identity or Citizenship.