SENIOR ANALYST SECURITY COMPLIANCE

Montefiore is ranked among the top hospitals nationally and regionally by U.S. News & World Report. For more than 100 years we have been innovating new treatments, procedures, and approaches to patient care, producing stellar outcomes and raising the bar for academic medical centers in the region and around the world. Our work to improve health outcomes in underserved communities is unparalleled in the United States. Our workforce is among the most diverse in the US: Montefiore associates speak 60+ languages among ourselves.

Our Compliance and Privacy teams are among those responsible for keeping patient data safe. We are hiring a Senior Security Compliance Analyst who will be responsible for all compliance investigations with a focus on anomalies in medical records access while also ensuring that internal systems are compliant with HIPAA security and privacy standards. This role will be responsible for the identification, evaluation and interpretation of regulatory, statutory and Montefiore security and privacy requirements, control deficiencies and information systems compliance risks. This position reports directly to Senior Management.
 

RESPONSIBILITIES INCLUDE:

• Auditing user access to patient data to identify and investigate any anomalies, including working with   the FairWarning privacy system
• Providing direct support to the Montefiore compliance team by assuring information system processes and procedures meets applicable compliance requirements
• Identifying opportunities, recommend and oversee implementations efficiencies in work process to resolve compliance issues
• reviewing and validating all relevant system security controls to ensure compliance with regulatory requirements
• Responsible for internal audits from discovery through remediation
• Responsible for oversight of compliance system alert configuration • Responsible for conducting systems access compliance audits • Conduct frequent compliance report monitoring activities on all systems’ levels of privacy compliance
• Support the creation of an inventory that documents how PHI (Patent Health Information) data is collected, stored and shared across and outside of Montefiore

REQUIREMENTS INCLUDE:

• 5+ years of experience working in investigation, audit, or IT security in a heavily regulated, compliance-driven setting, such as a hospital system, financial services, pharmaceutical, or government/military enterprise.
• IT knowledge and strong analytical skills to solve a diverse range of complex problems
• Prior experience with Fair Warning software or similar audit system with responsibility for data and data access reviews
• Excellent communications and documentation skills
• Capable of maintaining a high degree of confidentiality

DESIRED:

Experience with/exposure to Epic Certified Information Systems Auditor (CISA) 

EDUCATION:

Bachelor’s degree or equivalent experience
 

Department: Compliance Bargaining Unit: Non Union Campus: MOSES  Employment Status: Regular Full-Time Address: 4 Executive Plaza, Yonkers
Shift: Day Scheduled Hours: 8:30 AM-5 PM Req ID: 218801 Salary Range/Pay Rate: $97,500.00 - $130,000.00    

For positions that have only a rate listed, the displayed rate is the hiring rate but could be subject to change based on shift differential, experience, education or other relevant factors.

To learn more about the “Montefiore Difference” – who we are at Montefiore and all that we have to offer our associates, please click here.  

Diversity, equity and inclusion are core values of Montefiore. We are committed to recruiting and creating an environment in which associates feel empowered to thrive and be their authentic selves through our inclusive culture. We welcome your interest and invite you to join us.

Montefiore is an equal employment opportunity employer. Montefiore will recruit, hire, train, transfer, promote, layoff and discharge associates in all job classifications without regard to their race, color, religion, creed, national origin, alienage or citizenship status, age, gender, actual or presumed disability, history of disability, sexual orientation, gender identity, gender expression, genetic predisposition or carrier status, pregnancy, military status, marital status, or partnership status, or any other characteristic protected by law. 

SF-DICE-MIT; LI-SC1-REDIRECT