|Job Title||IT Security Professional I|
|Vacancy Open to||All Candidates|
|Department||HSH Office of Institution Integrity|
|Advertising Department||OFFICE OF INSTITUTIONAL INTEGRITY|
|Classification Title||Technology Specialist|
|Working Title||IT Security Professional I|
|Number of Vacancies||1|
|Full Time Equivalent (FTE)||1.0|
|Full Time or Part Time||Full Time|
|Recruitment Range||Commensurate with Qualifications|
|Position Location (City)||Greenville|
|Job Category||Non-Faculty Instructional & Research|
|Organizational Unit Overview||
The HIPAA Security section within the Office of Institutional Integrity manages the University’s HIPAA securitycompliance program.
It ensures University compliance with federal and state HIPAA security regulations and standards, internal and state HIPAA audits, policy development and enforcement, user awareness and education, incident response and recovery, and user account security for HIPAA systems. The mission of HIPAA Security is to establish a strong compliance program and a secure environment that safeguards the University’s electronic protected health information (ePHI).
The HIPAA Security Specialist helps develop, implement, and manage University-wide HIPAA Security projects to include: developing project specifications, writing requests for proposals, determining and allocating internal and external resources, managing external vendors, and meeting timeline expectations.
This employee is responsible for HIPAA security and compliance initiatives and collaborates among divisions within the University to ensure information systems are implemented in accordance with a) the mission of the University, b) HIPAA security standards c) University Policies and d) Federal and State laws and regulations.
Provide oversight, guidance, training, and detailed support to HIPAA Systems
Collaborate with ITCS to help ensure workforce members receive communications regarding compliant solutions and security controls to ensure all controls are implemented prior to approving the use of appropriate information security applications, storage devices, and internal or hosted systems.
Coordinate and organize additional education, meetings, and sessions to assist workforce members with HIPAA security compliance issues.
Research the latest technology advances related to HIPAA security, provide support and a strong relationship with the Office of Research Integrity and Compliance, Internal Auditing and Management Advisory Services, ECU Legal Affairs, other University departments and leadership, and external parties on HIPAA security compliance requirements.
This employee will collaborate with multiple University personnel, including a very strong relationship with ECU ITCS to ensure federal HIPAA regulations and university policies are being met at the University.
Assist the HIPAA Security Officer with initiatives to ensure compliance across the University. Provide resource level support to the University in HIPAA security compliance for adherence to administrative, technical and physical security requirements; research HIPAA regulation and security industry security standards (ISO 27002, NIST, NIH) for HIPAA compliance; review technical, physical and administrative controls for existing, updated and new HIPAA systems and applications for HIPAA Security compliance; conduct business analyses to ensure the business and technical requirements for HIPAA systems have been addressed and integrated into design and function of systems and applications; perform technical and functional application security review for HIPAA systems that store, access or process protected health information (PHI) to determine the existing application security controls and if they meet required controls; conduct information security gap analyses to determine gap between required security controls as specified by HIPAA security regulation, security industry standards, existing security controls, and federal/state laws. Research, create, develop and enforce security policies, practices, standards and procedures that ensure the protection of University information and HIPAA systems as specified by ISO 27002 Information Security Standard, NIST standard, and other state and federal statutes; provide ITCS and distributed IT resources guidance in interpreting HIPAA security compliance requirements and performing application and system HIPAA security assessments.
Serve as the ECU HIPAA Security Specialist and assist in managing the daily HIPAA security activities as well as assist in managing all HIPAA security responsibilities under the guidance of the ECU HIPAA Security Officer. Advise IT and management across the University on HIPAA privacy and security compliance initiatives and practices. Manage and implement University-wide information projects inclusive of developing project specifications, determining and allocating internal and external resources and meeting timeline expectations.
Produce various reports as needed in order to fulfill research of compliance standards. Provide guidance and communication related to HIPAA to IT Security staff as appropriate. Assist in University information security incident response and reporting as required, and participate in HIPAA security incident responses as required.
Assist in research, investigate sensitive data issues for lost or stolen devices. Analyze and report on high risk information security, privacy, and compliance issues to workforce members.
Respond to HIPAA security issues; investigate HIPAA security violations and issue corrective actions for compliance as required by University Incident Response protocols; assist in coordinating responses to state and internal audits; meet with campus departments and consult on HIPAA security and compliance issues; and respond to requests from external agencies.
Assist in and or chair various University committees to represent and provide guidance regarding HIPAA Security compliance standards.
Serve on University and UNC systems information security committees. Report to external regulatory bodies as appropriate. Develop and maintain University HIPAA Security policies, standards and procedures to meet requirements as specified by HIPAA regulation; assist in Office’s website developing and maintaining efforts.
Other duties as assigned.
Masters degree in a information technology field or health information technology
|License or Certification Required by Statute or Regulation||
|Preferred Experience, Skills, Training/Education||
An understanding of IT service functions such as technical security, application development, server administration, database administration, and user account administration.
|Special Instructions to Applicant||
East Carolina University requires applicants to submit a candidate profile online in order to be considered for the position. In addition to submitting a candidate profile online, please submit online the required applicant documents:
|Additional Instructions to Applicant||
In order to be considered for this position, applicants must complete a candidate profile online via the PeopleAdmin system and submit any requested documents. Additionally, applicants that possess the preferred education and experience must also possess the minimum education/experience, if applicable.
|Job Open Date||07/01/2019|
|Open Until Filled||Yes|
|Job Close Date - Positions will be posted until 11:59 p.m. EST on this date. If no closing date is indicated, the position may close at any time after the initial screening date.|
|Initial Screening Begins||07/15/2019|
|Quick Link for Direct Access to Posting||http://ecu.peopleadmin.com/postings/29801|
East Carolina University is an equal opportunity and affirmative action employer and seeks to create an environment that fosters the recruitment and retention of a more diverse student body, faculty, staff and administration. We encourage qualified applicants from women, minorities, veterans, individuals with a disability, and historically underrepresented groups. All qualified applicants will receive consideration for employment without regard to their race/ethnicity, color, genetic information, national origin, religion, sex, sexual orientation, gender identity, age, disability, political affiliation, or veteran status.
Individuals requesting accommodation under the Americans with Disabilities Act Amendments Act (ADAAA) should contact the Department for Disability Support Services at (252) 737-1016 (Voice/TTY).
|Eligibility for Employment||
Final candidates are subject to criminal & sex offender background checks. Some vacancies also require credit or motor vehicle checks. ECU participates in E-Verify. Federal law requires all employers to verify the identity and employment eligibility of all persons hired to work in the United States.
|Office of Human Resources Contact Information||
If you experience any problems accessing the system or have questions about the application process, please contact the Office of Human Resources at (252) 328-9847 or toll free at 1-866-489-1740 or send an email to firstname.lastname@example.org. Our office is available to provide assistance Monday-Friday from 8:00-5:00 EST.