HITRUST Security and Compliance Manager
Sysmex America, Inc | |||||||||
United States, Illinois, Lincolnshire | |||||||||
577 West Aptakisic Road (Show on map) | |||||||||
Oct 28, 2024 | |||||||||
HITRUST Security and Compliance Manager Job Location(s)
US-IL-Lincolnshire
Overview Find a Better Way... ...to use your skills and experience. This is the time to let your talent come to life. To maximize your knowledge and use it for the greater good. To work with the best professionals using state-of-the-art technology, and improve lives with your innovative ideas and ambitious dreams. Find a better way: the Sysmex Way. ...to improve the lives of others. Headquartered in Kobe, Japan, Sysmex is located in Lincolnshire, Illinois. Renowned worldwide for the very finest in quality, innovative diagnostic equipment and information-management systems, we apply science to enhance the quality of life on a global scale. Our agile, resourceful team is committed to realizing critical breakthroughs in laboratory diagnostics, information technology, workflow analysis and life sciences for the clinical laboratory. ...to build a promising future. Responsibilities We currently have a great opportunity available for a HITRUST Security & Compliance Manager. The HITRUST Security & Compliance Manager, is responsible for the development, maintenance, operations, and compliance of the cybersecurity program for the medical device software products manufactured at Sysmex America, Inc. The role is also a stakeholder in the cybersecurity roadmap for the other Corporate Systems & Innovation applications to ensure cybersecurity compliance and standardization. As part of this responsibility, this role will lead efforts to maintain the independent 3rd party HITRUST certification through review and approval of all security requirements and working with internal stakeholders and 3rd party partners to pass our audit to obtain and maintain certification. Essential Duties and Responsibilities: 1. Responsible for providing consultation services to leadership on cybersecurity policy, procedure, and implementation to ensure compliance with regulatory requirements, Customer Systems & Innovations standards, and industry best practices. This includes managing change and aligning cross-functional teams impacted by added or modified processes (Quality Assurance, Customer Care, Marketing, Customer Service, etc.). 2. Provides direction and strategy to Analysts, Security Compliance for WS Information Security Program (WSISP) improvement, implementation and operations. Responsible for continuous monitoring and compliance of HITRUST security controls to ensure that they continue to be implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the cybersecurity requirements for assigned HITRUST pre/post-certified systems. 3. Responsible for the establishment, continuous review, and understanding of security policies, procedures, and implementation measures that support the WSISP, including but not limited to Configuration Management, Contingency Planning, and testing, Incident Response Plans and testing, Interoperability Security Agreements, Risk Assessments, Security control baselines, etc. 4. Analyzes the impact of emerging Cybersecurity requirements and identifies areas of risk and development of strategy, policy, governance, and implementation guidance recommendations for a holistic risk management approach. 5. Responsible for supporting operations of Caresphere WS post-market surveillance for product issues and complaints. Supports coordination with cross-functional risk management, post-market surveillance and development leadership to provide risk assessment, root cause, resolution and workaround details for Caresphere WS product suite potential harm issues in tandem with the IT Process Governance team. 6. Responsible for the establishment, improvement, and monitoring of the Caresphere WS product suite manufacturing processes (device master record and device history record), including alignment with HITS Delivery and IT Process Governance teams. 7. Responsible for supporting the IT Process Governance team in internal and external audits (ISO, FDA, MDSAP, etc.) as a subject matter expert for Caresphere WS product suite design and development, post-market surveillance, and manufacturing. 8. Perform manager-type responsibilities for direct reports (performance management, time reporting, expense management, etc.). 9. Other duties as assigned. Travel Percentage: 10% Qualifications
Bachelor's degree required. 5 years of previous experience in Process Management, QA and/or Security Compliance, HITRUST Technology Specialist/Auditor required.
Sysmex is proud to be an EEO/Affirmative Action employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, age, sex, sexual orientation, gender identity or expression, color, religion, national origin, genetics, disability status, protected veteran status or any other characteristic protected by law. We maintain a drug-free workplace and perform pre-employment substance abuse testing. |