MBI Digital is looking for a Senior Healthcare Security Compliance Specialist with minimum 8 yrs experience supporting AI/ML Product Developers and QA/audit teams.
This is a 100% remote opportunity. The project engagement is for 6 months with possibility of extension. The candidate should be willing to work in the EST time zone.
Role and Responsibilities:
Regulatory Compliance Requirements:
Stay abreast of all healthcare security regulations, including HIPAA, GDPR, HITECH, and other relevant standards.
Analyze industry frameworks most likely to be requested by customers for coverage in a TPRM questionnaire and multi-industry regularly accepted questionnaires to prepare for ability to intake and cross apply.
Select a control set from the options identified above to serve as the "primary key" control set.
Collaborate with the Technical teams using tools like Secure Controls Framework (SCF), to build client’s automated control mapping technology
Manually map additional controls not represented by SCF (e.g., HITRUST, Client proprietary questionnaires/frameworks, Client cleared requirements) for consumption by Technical team.
Support AI/ML Product Development:
Collaborate with Technical teams on building the AI model to leverage semantic text matching and detail extraction from security in order to answer security control questions.
Perform QA and apply confidence scores to the question/answer results that AI produces. Potentially re-map or rephrase alternative questions on low confidence matches.
Write new/update existing audit protocols and judgment rules for Client Cleared requirements & control-level questions.
Engage with the Client Audit team to understand gaps in current protocols and open questions.
Collaborate with Technical teams on training the AI based on these audit protocols and judgment rules.
QA and recalibration of results of AI judgements. UAT of UI build outs for this technology.
Quality Assurance and Auditing:
Coordinate with internal and external auditing teams to facilitate comprehensive assessments of AI/ML products.
Develop and implement QA procedures and policies specifically tailored to healthcare security compliance.
Perform regular audits and assessments to ensure the effectiveness of security protocols and recommend improvements where necessary.
Required skills and Qualifications:
10+ years of industry experience with good understanding of AI/ML technologies and their implications for healthcare data security and Product Development experience
In-depth knowledge of healthcare regulatory frameworks (HIPAA, GDPR, HITECH, etc.)
Proven experience in developing and implementing compliance strategies and QA procedures
Relevant certifications (e.g., Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP), etc.) HITRUST are highly desirable
Excellent communication skills with the ability to translate complex compliance requirements into actionable plans for technical teams
Must be independent, self-starter and self-motivated
Educational Qualifications:
Bachelor's degree in Computer Science, Information Security, Healthcare Management, or related field; advanced degree preferred.