This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

This role offers the opportunity to provide high-impact advisory services focused on healthcare governance, risk, compliance, and resilience. You will lead and deliver assessments, documentation, workshops, and actionable recommendations that help healthcare organizations navigate regulatory and cybersecurity requirements.

• Execute healthcare advisory engagements, including governance, risk, and compliance (GRC) assessments, gap analyses, and remediation support.
• Deliver services across incident response (IR), disaster recovery (DR), business impact analysis (BIA), and business continuity planning (BCP) engagements.
• Assist with vendor risk management (VRM) and cybersecurity supply chain risk management (C-SCRM) activities for healthcare organizations.
• Develop and update healthcare-specific documentation, including policies, procedures, risk assessments, system documentation, and plans/playbooks.
• Lead client interviews, workshops, and working sessions with IT, compliance, security, and operational teams.
• Collaborate with project managers and senior consultants to support engagement execution, monitor project health, and ensure timely delivery of high-quality deliverables.
• Mentor junior staff, providing guidance on project workflow and the technical aspects of compliance and risk documentation.

Qualifications

• Bachelor’s degree in Information Security, Information Systems, Computer Science, Business, or equivalent experience.
• 4–6 years of experience in cybersecurity, GRC, compliance, risk management, or related consulting roles.
• Experience supporting or delivering advisory engagements in healthcare or regulated environments.
• Knowledge of healthcare regulations and frameworks, including HIPAA/HITECH, HITRUST, CMS requirements, and NIST 800-series frameworks.
• Experience developing compliance documentation, assessment reports, and mapping client evidence to regulatory requirements.
• Strong written and verbal communication skills with the ability to explain complex compliance and risk concepts clearly.
• Attention to detail, organizational skills, and ability to manage multiple tasks and deadlines.
• Consulting mindset with the ability to build trust and credibility with clients while working independently.
• Required certifications or experience: HITRUST CCSFP, CompTIA Security+, CompTIA Network+, or equivalent.
• Bonus points for CISA, CISM, CISSP, CIPP/US, or cloud certifications (AWS, Azure, GCP).

Benefits

• Competitive salary range: $86,000–$148,000/year, with potential participation in incentives or recognition programs.
• Flexible work arrangements, including remote work options.
• Opportunities to work with leading healthcare organizations on complex compliance and cybersecurity challenges.
• Professional development, training, and certification reimbursement.
• Paid parental leave, flexible time off, and digital mental health support.
• Comprehensive insurance coverage, including medical, dental, and vision plans.
• Exposure to a collaborative, mission-driven team culture that values learning, mentorship, and career growth.

Company Description