Job Description

The Security Specialist will work collaboratively with Cognosante clients and other Cognosante team members supporting the client engagement. The Security Specialist will work to ensure that the client’s security needs are met by confirming that the proper steps are taken to protect client assets and information. The Security Specialist has experience performing security assessments within the healthcare industry and has solid working knowledge of state and federal security regulations.


The Security Specialist will work with the Security Excellence Team Leader to strengthen and expand our Security capability within Cognosante Consulting across the client base.


The Security Specialist works closely with all parties to confirm the proper controls, mechanisms, and monitoring are in place to ensure compliance with defined policies. In addition, the Security Specialist works directly with the vendors, business users and the client to provide recommendations to the project team on project issues, risks and project direction, to develop corrective action plans to mitigate security risk and to execute remediation actions as identified.


Additional duties include:

  • Perform Security assessment for State Healthcare clients, specifically MARS-E assessments
  • Assess technical compliance of systems with specified security requirements required by CMS
  • Review deliverables and processes for quality, completeness and security adherence
  • Review and make written recommendations for data sharing activities and database design activities to ensure data integrity 
  • Provide leadership in MARS (Minimum Acceptable Risk Standards) and Security Audits that occur during the project
  • Ensure all documentation (ie. Data Sharing agreements, etc.) is collected and updated as appropriate
  • Create and update all CMS required security reports and documentation
  • Develop, maintain, and monitor an effective compliance and risk management program to meet the guidelines of CMS, Medicaid, HIPAA/PII
  • Develop client deliverables in accordance with project requirements and company documentation standards
  • Review and assess project documents and security plans for quality, completeness, compliance, and effectiveness
  • Review major deliverables from Vendors
  • Identify and report project issues and risks related to Security
  • Interface with client, vendor, and business users
  • Research and provide recommendations to the client on critical business decisions
  • Collaborate with other team members to provide subject matter expertise and assistance as applicable
  • Ensure that all project identified processes and methodologies are executed and followed as applicable


Minimum Qualifications

  • Bachelor's degree
  • Minimum 5 years’ relevant experience
  • At least 3 years of experience specifically managing health privacy and security
  • Formal education or professional experience in law, information technology, security, privacy, public policy, or health care
  • In-depth knowledge of Cyber Security Controls.
  • CISSP certification required; CIPT or equivalent certification required
  • Relevant certifications such as HCISPP, CISM, CIPP, CISA, or CHPS
  • Strong knowledge of HIPAA and other privacy and security laws, regulations, and corresponding practices
  • Experience establishing and maintaining privacy and security compliance in a health-related setting
  • Experience in providing security services and data auditing, in Human Services or Healthcare IT industry
  • Experience working on large, complex systems projects
  • Experience working in environments that process personally identifiable information (PII) or protected health information (PHI)
  • Prior experience performing in the role of privacy or security in a health industry or government setting
  • Ability to plan cyber security program and infrastructure component projects to execute multi-year strategic objectives with a strong passion and drive utilizing capabilities to ensure commitments are completed on time, as scoped and budgeted.
  • Conduct product evaluations to ensure the right tools are in place
  • Understand standard Medicaid and / or Eligibility system architectures, networks, and data exchange formats
  • Understand CMS Conditions and Standard
  • Must be comfortable with frequent travel across the Eastern US


Additional Qualifications

  • Ability to work independently and manage work to a defined schedule
  • Familiarity with government standards and practices relating to the proper handling of personally identifiable information (PII) and protected health information (PHI)
  • Knowledge of HIPAA, ARRA, ACA, and other security requirements is a plus
  • Strong written and verbal communication skill
  • Experience conducting meetings and making presentations
  • Strong problem-solving and customer service skills
  • Employee is expected to undertake any additional duties as they are assigned by their manager
  • Work with Senior Leadership to define and create the HCS center of excellence for Data/Security Management
  • Team player and a consistent, dependable performer with an excellent work ethic, flexible “can-do” attitude, and a results-driven commitment to success

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online