Dechen Consulting
About Dechen Consulting Group (DCG)
Dechen Consulting Group (DCG) is a rapidly expanding, innovative IT Professional Services and Management Consulting company with a track record of more than twenty-five years in delivering skilled professionals to our clients across diverse sectors.
Job Opportunity
We are currently offering a C2C opportunity in Virginia with the potential to extend over multiple years, with the chance to transition to a direct hire position with our client. We provide healthcare, vacation, relocation assistance, and visa sponsorship/transfer. This role offers excellent prospects for career progression!
Short Description
Our Client's Health Benefit Exchange division is seeking an experienced IT Auditor. On-site presence is required on Tuesday and Thursday each week. Please note that parking is not provided for contractors.
Complete Description
About the Role
Our Client's Health Benefit Exchange division is seeking an experienced IT auditor to support our transition to a new security standard and strengthen our third-party risk management program. This role will help interpret and implement updated security requirements, conduct audits and assessments of both internal processes and external vendors and partners, evaluating controls and recommending improvements.
Responsibilities Include: Assess current security controls and processes against new CMS, IRS, and SCC security standards. Identify gaps and recommend remediation steps to achieve and maintain compliance. Plan, lead, and execute development and updates to policies, procedures, and documentation to reflect requirements. Design, implement, and train on the process for assessing partners and vendors, ensuring alignment with security standards. Develop assessment tools, workflows, and scoring model to evaluate and measure the effectiveness and compliance of vendor and partner security controls. Evaluate the security posture of vendors and partners to ensure information security contractual, information sharing, and data sharing agreement requirements are met. Test the effectiveness of operational and management controls using interviews, document reviews, and observation. Analyze, assess, report, and present on audit findings, risk exposure, and recommendations. Support information security continuous monitoring and incident response programs. Perform related work as required. Skills
Audit and compliance/information security/information technology experience or combination thereof: Required, 8 Years Information Security control audit and assessment experience: Required, 4 Years NIST 800-53 or other security framework: Required, 4 Years Perform testing, analysis, reporting, and develop remediation plans for compliance with operational and management controls: Required, 4 Years Develop and update policies, procedures, and documentation: Required, 2 Years Healthcare, health insurance, or ACA: Desired, 2 Years Industry recognized certification - CISA, CIA, GSNA, CISSP, or equivalent: Desired, 2 Years Additional Information
Agency Interview Type: Both Web Cam and In Person Interview Work Arrangement: Hybrid
We are a people-focused company with a deep emphasis on family values and look forward to working with you.
Dechen Consulting Group (DCG) is a rapidly expanding, innovative IT Professional Services and Management Consulting company with a track record of more than twenty-five years in delivering skilled professionals to our clients across diverse sectors.
Job Opportunity
We are currently offering a C2C opportunity in Virginia with the potential to extend over multiple years, with the chance to transition to a direct hire position with our client. We provide healthcare, vacation, relocation assistance, and visa sponsorship/transfer. This role offers excellent prospects for career progression!
Short Description
Our Client's Health Benefit Exchange division is seeking an experienced IT Auditor. On-site presence is required on Tuesday and Thursday each week. Please note that parking is not provided for contractors.
Complete Description
About the Role
Our Client's Health Benefit Exchange division is seeking an experienced IT auditor to support our transition to a new security standard and strengthen our third-party risk management program. This role will help interpret and implement updated security requirements, conduct audits and assessments of both internal processes and external vendors and partners, evaluating controls and recommending improvements.
Responsibilities Include: Assess current security controls and processes against new CMS, IRS, and SCC security standards. Identify gaps and recommend remediation steps to achieve and maintain compliance. Plan, lead, and execute development and updates to policies, procedures, and documentation to reflect requirements. Design, implement, and train on the process for assessing partners and vendors, ensuring alignment with security standards. Develop assessment tools, workflows, and scoring model to evaluate and measure the effectiveness and compliance of vendor and partner security controls. Evaluate the security posture of vendors and partners to ensure information security contractual, information sharing, and data sharing agreement requirements are met. Test the effectiveness of operational and management controls using interviews, document reviews, and observation. Analyze, assess, report, and present on audit findings, risk exposure, and recommendations. Support information security continuous monitoring and incident response programs. Perform related work as required. Skills
Audit and compliance/information security/information technology experience or combination thereof: Required, 8 Years Information Security control audit and assessment experience: Required, 4 Years NIST 800-53 or other security framework: Required, 4 Years Perform testing, analysis, reporting, and develop remediation plans for compliance with operational and management controls: Required, 4 Years Develop and update policies, procedures, and documentation: Required, 2 Years Healthcare, health insurance, or ACA: Desired, 2 Years Industry recognized certification - CISA, CIA, GSNA, CISSP, or equivalent: Desired, 2 Years Additional Information
Agency Interview Type: Both Web Cam and In Person Interview Work Arrangement: Hybrid
We are a people-focused company with a deep emphasis on family values and look forward to working with you.