Information Security + Compliance Specialist

Albuquerque, NM / Operations / Full Time
RS21 is a leading data science and visualization company tackling humanity’s biggest challenges. With offices in Albuquerque, NM and Washington, D.C., we develop interactive, big data analytics and visualization solutions that connect people with the data they need.

RS21 employees enjoy competitive salaries, flexible schedules, professional development, PTO, health insurance, 401(k), casual dress, an open pet policy, birthday gifts, and fun events, all while working to solve complex problems in beautiful ways. RS21 is ranked as a 2020 Best Workplaces for Innovators, Top 50 Company by Fast Company.

The Information Security & Compliance Specialist will be responsible for driving the implementation and maintenance of compliance programs across the company to ensure RS21 exceeds any and all security and privacy requirements from our healthcare and government clients. The ideal candidate will have prior experience working with rapidly scaling start-ups to institute HIPAA and HITECH policies and procedures, manage compliance and mitigate risk. 

This position will join our Albuquerque team and report to the Chief Operations Officer. Candidates currently residing in the New Mexico area or who are open to relocation are encouraged to apply. 

Responsibilities:

    • Spearhead development, documentation and implementation of all security and compliance-related policies, procedures, controls, standards, organizational roles and committees, and safeguards (including administrative, physical and technical safeguards) to ensure highly effective HIPAA and HITECH compliance.  
    • Coordinate with executive leadership, legal counsel and/or other corporate stakeholders to ensure all legal agreements (including BAAs, MSAs, SOWs and others) comply with applicable healthcare, government, and Native American tribal privacy requirements.  
    • Drive internal security risk assessments, reviews, and audits to ensure workforce compliance, and support external audits to ensure compliance (up to and including ISO 27001 and/or SOC 2 standards)
    • Implement measures prescribed by security assessments and/or audits, oversee the incident reporting process, and support breach investigations as required
    • Ensure timely and appropriate workforce-wide compliance training is conducted regularly and drive behavior changes across the organization 

Qualifications:

    • Demonstrated in-depth experience with HIPAA and HITECH programs  
    • Background in one or more of the following: business analysis, business intelligence, data analysis, data engineering, data science, project management, software development 
    • 2+ years’ experience in a similar role  
    • Understanding of technology security concepts and their implementation in an information technology landscape (to include capabilities such as encryption, role-based access control, GRC technologies, etc.) is required, although deep technology expertise is not necessary
    • Demonstrated understanding of one or more commercial or government security frameworks (i.e. HITRUST, SOC 1/2, FedRAMP, PCI, ISO 27001, NIST 800-171/800-53)   
    • Must be able to work independently with minimal direct supervision, as well as across functional boundaries and teams, including frequent engagement with executive leadership  
    • Strong cross-functional collaboration skills and ability to drive results  
    • Thrives in a fast-paced, dynamic start-up environment

RS21 is a dynamic, growing startup with 50+ employees doing great things, and we're looking for the right people to help move us forward. Our nine core values empower a culture of integrity, learning, taking risks, making a difference, constantly improving, and helping our team achieve a healthy work-life balance with flexible schedules and remote work options. As a testament to our exceptional culture, employees voted us a “Best Place to Work”.

RS21 believes a variety of viewpoints, experiences and ideas are at the core of true innovation. We are committed to attracting a diverse pool of candidates looking to join a team that places the highest value on collaboration, creativity, engagement, and honest exchange. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.