IT Security & Compliance Specialist

  • At Owens & Minor, our Mission is simple: empowering our customers to advance healthcare.
  • Our teammates continue to play an essential role in the global fight against COVID-19 by working to ensure our healthcare customers have what they need, when they need it, enabling them to focus on the critical task of providing patient care.
  • As a Fortune 500 company with over 15,000 teammates in over 70 countries, Owens & Minor remains laser-focused on delivering on our Mission throughout COVID-19 and beyond.
  • Our people are the power that propels us.
  • As we continue to navigate unprecedented circumstances, teammate safety remains our top priority, and all of our facilities have implemented enhanced safety and sanitation protocols.
  • Just as our teammates are dedicated to empowering healthcare around the world, Owens & Minor is dedicated to providing the kind of culture and benefits that empower teammates to grow their careers and enjoy the rewarding work they do every day.
  • Medical, dental, and vision insurance, available on first working day
  • 401(k), eligibility after 30 days of employment
  • Employee stock purchase plan
  • Development opportunities to grow your career with a global companyJob SummaryEnsures the business units’ Information Technology’s compliance with the various regulations including the Health Insurance Portability and Accountability Act (HIPAA), Personally Identifiable Information (PII), Protected Health Information (PHI), Payment Card Industry (PCI), General Data Protection Regulation (GDPR), and the Federal Information Security Management Act (FISMA).
  • Develops, tests, documents, evaluates, tracks, and improves Information Technology (IT) compliance controls for all Information Technology resources within the business unit.
  • In conjunction with Corporate IT Security, develops, implements, and maintains IT Compliance controls; develops and reviews existing IT compliance business unit controls for regulatory updates and performs the necessary gap analysis; creates and maintains various internal and external audit and compliance schedules for Information Technology Services (ITS).
  • Conducts risk assessments on business and operational processes, procedures, and policies within the business unit; interprets audit results and makes conclusions on the adequacy and reliability of IT controls; prepares and presents reports on improvements to systems as necessary.
  • Prioritizes and controls projects based on severity of risk and non-compliance; communicates control strengths and weaknesses to internal audit and compliance and collaborates with internal audit to develop migration plans.
  • Designs and enhances for internal controls such as segregation of duties, production change management, software management, securityincident handling, and transmission integrity; assists internal audit team and serves as a liaison with external auditors to facilitate auditing process.
  • Designs audit/compliance programs to ensure ongoing evaluation and validation of ITS control effectiveness; performs other duties as assigned.
  • Assist with overall contract compliance to ensure that all IT Suppliers meet their contractual obligations.
  • Assist with the development of IT Governance policies and procedures and ensuring that they are up-to-date on a regular basis.
  • Assist with tracking and monitoring of Supplier Statements of Work/Task Orders for deadlines and compliance.
  • Coordinates, organizes, communicates and documents minutes for IT Governance meetings.
  • Bachelor’s Degree, preferably in related field (Computer Science, Information Technology, Data Science, Data Analytics, Information Security)
  • 8 or more years of professional IT Security or IT Audit experience
  • Demonstrated experience leading medium to large-scale enterprise risk management and/or compliance management efforts in a complex and/or highly distributed environment
  • Proven ability to establish standards and procedures and advocate best practices.
  • Certified Information Systems Security Professional (CISSP) certification preferredIf you feel this opportunity could be the next step in your career, we encourage you to apply.
  • Owens & Minor is an Equal Opportunity Employer.
  • All qualified applicants will receive consideration for employment without regard to race, color, national origin, sex, sexual orientation, genetic information, religion, disability, age, status as a veteran, or any other status prohibited by applicable national, federal, state or local law.
  • Note: Owens & Minor is not accepting unsolicited assistance from search firms for this employment opportunity.
  • Please, no phone calls or emails.
  • All resumes submitted by search firms to any employee at our Company via email, the Internet, or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of our Company.
  • No fee will be paid in the event the candidate is hired by our Company as a result of the referral or through other means.
  • Associated topics: attack, forensic, identity access management, idm, information assurance, information security, malicious, securitysecurity officer, violation

More Information

Apply for this job

Leave your thoughts

Share this job