IT Audit Associate-Client Engagement Consultant

This position can be local to Atlanta or 100% remote if the candidate lives outside the area.

• Provides oversight of compliance, audit and regulatory reviews and acts as the primary point of contact for management, responsible for providing regulatory and information security expertise.
• Ensure that appropriate security controls are in place and that key regulatory timelines and required documents are tested
• Document and report audit findings to management of affected areas
• Perform risk analysis to determine level of risk and recommend action(s) to mitigate along with contract and Third Party Risk reviews, including SSAE16 and vendor assessments
• Serve as the primary project communication contact for clients and develop trust-based relationships with client IT and business personnel. Demonstrate proficiency in developing and sustaining client relationships.
• Communicate in an organized and knowledgeable manner in written and verbal formats, including delivering clear requests for information and communicating potential conflicts. Provide exceptional quality service and support to clients.
• Demonstrate project management skills including developing initial project plans based on agreed-upon scope, updating the plan throughout the duration of the project, communicating status both internally and to the client on a routine basis, anticipating roadblocks and proactively adjusting approach
• Demonstrate advanced proficiency with MS Office (Word, Excel, OneNote, PowerPoint) and SharePoint for the creation and maintenance of client deliverables. Microsoft Dynamics CRM a huge plus.

• High School diploma or GED required, Bachelor’s or Master’s Degree preferred. In lieu of Bachelor’s degree, 1+ years of relevant work experience
• 2 to 5 of Vendor Security Assessment, Security Risk Assessment, Information Security Management, Review of IT Controls, Medical Device and/or Product/Application Assessments.
• Familiarity with industry regulations and audit frameworks such as SSAE 16/18, SOC, ISO 27001, NIST, COBIT, FedRAMP or HITRUST
• Participate in the delivery and communication/explanation of vendor security reports for client’s programs as appropriate to enhance personal skills and expertise
• Ability to work in fast paced consulting environment.
• Ability to travel 5-10% to client sites.

• Understanding industry standards relating to the areas of healthcare compliance and Information Security in order to assist healthcare organizations with the assessment and improvement of their security posture would be highly desired but not required.
• HIPAA Privacy and Security