DXC Technology Account Security and Privacy Officer in Wilmington, Ohio
About DXC Technology
DXC Technology (NYSE: DXC) is the world’s leading independent, end-to-end IT services company, helping clients harness the power of innovation to thrive on change. Created by the merger of CSC and the Enterprise Services business of Hewlett Packard Enterprise, DXC Technology serves nearly 6,000 private and public sector clients across 70 countries. The company’s technology independence, global talent and extensive partner alliance combine to deliver powerful next-generation IT services and solutions. DXC Technology is recognized among the best corporate citizens globally. For more information, visit www.dxc.technology.
General oversight of privacy and security related to HIPAA Privacy and Security rules and State privacy laws. Act as the single customer point of contact for security for HealthCare customer accounts. This position will have responsibility for the information technology security services and security escalations for the assigned account. It also provides leadership and governance for audit and compliance activities. Responsibilities will include attending meetings with all levels of customer management, recommending and influencing customer direction, reporting status of security, leading security projects and programs, generating change orders, handling security escalations, facilitating audits and compliance reviews and overseeing all required regulatory and audit remediation activities.
The clients that will be supported by this position can be companies that are highly regulated with comprehensive security needs. The security requirements are important in order to provide recognized and respected security expertise to implement the security solution and manage any potential future security requirement amendments. The audit management requirement supports the numerous audits related to the client's internal audit, external audit, governmental regulators and industry regulatory auditors.
This position can also be required to act as a trusted advisor to the DXC client and our client team in the area of Information Security and Audit Compliance. This position is required to provide an essential single point of contact and program management for client audit management, controlled self-assessment and to provide security, audit and regulatory-related subject matter expertise.
· Understanding of HIPAA Privacy and Security regulations and state/local privacy laws.
· Evaluate the day-to-day work conducted on the Client account and conduct risk assessments to determine impact.
· Review Policy Compliance Management and vulnerability reports.
· Conduct annual user access reviews with account business unit managers. Conduct monthly reviews of privileged access, or more often if required by Client.
· Coordinate full risk assessment every three years or as required by Client.
· Coordinate annual SSAE16 audit with various Client resources and third-party auditors.
· Work with the onsite trainer to conduct HIPAA new hire training for new hires and transfers from non-healthcare accounts.
· Maintain all documentation supporting HIPAA compliance including Privacy and Security Manual, Risk Management Plan, Incident Response Plan.
· Work with the client during the disaster and recovery drill.
· 24/7 availability for any emergencies including any privacy and security events reported by the SIEM SOC and 24/7 availability to address privacy and security incidents in general.
This is the list of core responsibilities for the Account Security Officer and is not all-inclusive. The Account Security Officer may perform additional duties as needed to support the Health Care Industry (HCI) organization or the client account needs.
Knowledge and Skills Required
3-5+ years’ experience in data privacy and security. Healthcare experience is required. State agency healthcare experience highly desired!
Bachelor's or undergraduate degree or equivalent diploma, or combination of education, certification and relevant experience.
Experience with emphasis in information security and regulatory or other compliance management.
Experience with risk management techniques.
Experience with health care environments and compliance planning and implementation.
Ensure that DXC Technology delivers security services to the client as agreed in the contract. Excellent understanding of project management principles.
Knowledge of regulatory compliance requirements including HIPAA/HITECH, NIST, MARS-E 2.0, ISO, SSAE16, and Data Privacy.
Skilled in planning, problem solving, analysis, collaboration, and communication.
Knowledge of DXC operations and methodologies a plus.
Proficient with Microsoft Office suite (Word, Excel, PowerPoint) & SharePoint.
Professional certification such as CISSP, GSEC, etc. a plus.
Excellent communication skills; written and verbal.
Excellent Client presentation skills.
Ability to influence and/or lead security-related business development activities.
Risk Management experience; demonstrated ability to link risk management practices to business needs.
Team player; ability to work with people in a productive manner.
Strong Organizational Skills; ability to handle multiple high-pressure situations simultaneously.
Thanks for taking the time to review our job. If you think it is a match to your experience and interests, please apply today. We are eager to learn more about you! If you know a friend who may be a fit for the job, please refer them.
Please note the above statements describe the general nature and level of work only. They are not a complete list of all required responsibilities, duties and skills. Other duties may be added, or this description amended at any time.
DXC Technology is EEO F/M/Protected Veteran/Individual with Disabilities