  • ID: #22508282
  • Salary: TBD
  • Source: J&J Family of Companies
  • Date: 2021-11-10
  • Deadline: 2022-01-09
 
Full-time

Vacancy expired!

Johnson and Johnson Medical Device Digital Surgery team is seeking an IT Compliance Manager to be located in Raritan, NJ, Warsaw, IN, or Cincinnati, OH.

The Compliance Manager is responsible for developing a well-rounded technology-focused program that will drive compliance with regulatory requirements such as HIPAA, HITRUST and ISO 27001. The role is responsible for creating and maintaining clear communication channels with internal and external business partners across all levels of the organization. The Compliance Manager is responsible for creating key dashboards, metrics and other materials as needed to effectively communicate the status of the compliance efforts that demonstrate the compliance maturity throughout the life cycle of the platform.

The Compliance Manager is responsible for developing and leading the compliance roadmap on how to meet the regulations by setting achievable, realistic goals and objectives for the platform to ensure ongoing improvements and efficiencies. As part of the ongoing compliance roadmap, the Compliance Manager will develop processes and procedures to standardize compliance efforts across the platform to increase the maturity level of the technical controls. The Compliance Manager also works with internal and external business partners to ensure the teams understand how the regulatory requirements impact their specific needs and are addressed with the platform while ensuring the compliance maturity levels.

The Compliance Manager will be responsible for managing external assessor engagements by coordinating with the engineers and business teams based on the schedule to drive completion, gather evidence to support key security control areas, and serve as liaison to the external audit team. This individual would be responsible for researching industry certification trends to ensure the platform retains a competitive edge with the market’s needs. The individual will also research and collaborate on innovative tools or methods to increase overall efficiency. Creative problem-solving skills are required to handle the wide range of solutions provided to the engagement teams.

Key Responsibilities

Develop compliance roadmap, dashboards, and deliverables to meet regulatory challenges.

Handle the efforts to conduct system risk management activities related to HIPAA, HITRUST, and other applicable standards to identify current and future threats and to help the organization reach an acceptable level of risk and maturity.

Identify threats and vulnerabilities, assess current security controls, and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs.

Provide Compliance consultancy (HIPAA, HITRUST, etc.) to guide technical and business partners in risk reduction for current and future technologies.

Maintain compliance to industry regulations such as HIPAA, HITRUST, ISO 27001 and drive improvements in compliance scores across platform.

Provide Compliance SME support to project teams and business partners to ensure commitment to ongoing compliance efforts.

Develop and publish meaningful and actionable metrics in support of risk reduction objectives of the DSEP platform and business partners

Produce applicable engagement documentation, present the results, and store demonstrable evidence and artifacts into repository.

Participate in and lead shaping DSEP policies related to HIPAA, HITRUST and other applicable standards and frameworks.

Qualifications

BA/BS or equivalent industry experience

A minimum of 10 years of increasing experience in leadership roles in IT with a focus on compliance including HIPAA, HITRUST and other applicable standards (Required)

3+ years of conducting HIPAA, HITRUST, ISO 27001 or other regulatory assessments in a global de-centralized organization (Required).

Expert knowledge of HITRUST MyCSF Portal, MyCSF Framework, and control inheritance

SharePoint hands-on development and administration experience to customize and develop custom solutions

Working knowledge and experience with data visualization and BI tools like Tableau, Microsoft Power BI

Experience with Microsoft Planner, Kanban, or similar management tools

Working knowledge of Microsoft Flow or other automation and workflow management systems

Experience working with multiple corporate risk leaders as well as the sectors within Life Sciences

Experience handling several portfolios of projects

Hands-on experience with reviewing/updating and authoring quality documentation is required.

Big Picture/Attention to Detail – align strategic and tactical.

Creative problem-solving skills.

Superb communication and collaboration skills

Certifications

Certified CSF Practitioner (CCSFP) – Required

Certified HIPAA Professional (HCISPP) – Required

Certified Information Systems Auditor (CISA) – Required

Certified HITRUST Quality Professional (CHQP) – Required

Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

Primary Location: United States-Ohio-Cincinnati-4545 Creek Road

Other Locations: North America-United States-New Jersey-Raritan, North America-United States-Indiana-Warsaw

Organization: Johnson & Johnson Services Inc. (6090)

Job Function: Info Technology

Requisition ID: 2105981125W
