Information Technology Engineer, Senior (HIPAA/Compliance)
Dallas, TX

Job Description

Position Purpose

The salary listed on this job posting is the entire salary range for the position; amount offered will depend upon qualifications.

For information related to Essential Functions, Knowledge, Skills & Abilities Required to Perform Work, and Working Conditions & Hazards of this position, click here. Locate and click on the position title to view the job classification specification.

For evaluation purposes, acceptable qualifying experience for all positions must have been in a paid capacity unless noted otherwise in the minimum qualifications for the posted position.

Additionally, 30+ hours per week will be counted as full-time employment and will receive full credit for the amount of time employed. A minimum of 15 through 29 work hours per week will be counted as part-time employment and will receive half credit for the amount of time employed.

Vacancies currently available in the following department(s): Communications and Information Services-Radio Infrastructure, Communications and Information Services-Internal Application Services

Essential Functions

Minimum Qualifications

EDUCATION

* Bachelor's degree in a computer science, engineering, math, Business or Information technology related field.

EXPERIENCE:

* Five (5) years of experience establishing and maintaining information security management to ensure that HIPAA information assets are adequately protected.

Experience must include all the following:

* Developing strategies, plans and policies/ procedures to achieve HIPAA security requirements and address identified risks.
* Identify, select and implement HIPAA technical controls and common set of security tools to monitor compliance with implemented controls.
* Perform incident response investigation of electronic information systems and users associated with HIPAA cyber security events (per occurrence).
* Working with business units and with other risk functions to identify security requirements, using methods that may include risk and business impact assessments.
* Performing security controls testing and vulnerability assessments to identify security strengths and weaknesses, to assess the effectiveness of existing controls, and recommend remedial action and solutions.
* Reviewing/ monitoring audit trails, system logs and other monitoring data sources regularly and ensuring they are in compliance with HIPAA policies and audit requirements.



EQUIVALENCY(IES):

* High school diploma or GED plus nine (9) years of the required experience in an Information Technology Security environment will meet the education and experience requirements.
* An associate's degree in any field plus seven (7) years of the required experience in an Information Technology Security environment will meet the education and experience requirements.
* A bachelor's degree or higher in a non-specified field plus seven (7) years of the required experience in an Information Technology Security environment will meet the education and experience requirements.
* A master's degree or higher in a specified field plus three (3) years of the required experience in an Information Technology Security environment will meet the education and experience requirements.

OTHER REQUIREMENTS:

* No felony or class A misdemeanor convictions.
* No class B misdemeanor conviction within the last ten (10) years.
* No family violence convictions.
* Cannot currently be on deferred adjudication for any felony, class A misdemeanor or class B misdemeanor charge.
* IT and network security experience.

KNOWLEDGE, SKILLS, ABILITY(IES):

* Knowledge of Information security compliance requirements and industry standards; to include HIPAA Security Standards for the Protection of EPHI, HIPAA Hi-Tech, Texas Medical Privacy Act and other compliance regulations
* Knowledge of network infrastructure and security protocols and concepts is a plus
* Knowledge of HIPAA security and risk methodologies and technologies, including thorough knowledge and experience in developing and documenting HIPAA security strategy, architecture and plan
* Must be able to Develop, document, and maintain security policies, processes, procedures, and standards
* Ability to Perform security internal control assessments, testing and audits
* Ability to Perform HIPAA-related risk, business impact, control, and vulnerability assessment

PREFERENCE(S):

* One or more of the following certifications preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), HealthCare Information Security and Privacy Practitioner (HCISSP) and others including Certified Authorization Professional (CAP).