Lead Information Secruity &Privacy Auditor & Risk Analyst

Information Technology
1810985 Requisition #
Share this Job

The Lead Information Security and Privacy Auditor and Risk Analyst functions as a highly skilled internal control and risk consultant responsible for leading internal privacy, security, risk and IT audits and assessments coordinating external privacy, security, risk and IT audits and assessment, providing risk education and project consulting services on behalf of the HFHS including all of its subsidiaries to mitigate risk and assess the control environment of each auditable unit. The position conducts mandate, regulatory, statutory, vendor, legal, financial, and operational audits and assessments for operations including business processes and IT. The position requires technical and operational knowledge of information security, audit and risk best practices, as well as, legal and regulatory compliance requirements that impact privacy and security or introduce risk for the enterprise. The position will support HFHS as well as its subsidiaries. The candidate must have the ability to develop work with minimal supervision, maintain and report against a work plan, as work progresses give appropriate updates and status reports, given scope and objectives and serve as a point of contact and liaison with internal and external auditors, assessors, vendors and clients and assist other staff members.



  • Bachelor's Degree in Business Administration, Engineering, and Information Systems, Information Assurance or closely related field required.
  • Degree in other areas with appropriate level of experience and expertise is acceptable.
  • Experience providing working knowledge and skills in the following: Security laws, mandates, standards and best practices (i.e., HIPAA, ISO, ACA, DFIS, NACHA, Payor customer group security requirements, PCI, HITECH, GLB, etc.).
  • Minimum seven (10) years related experience, which includes five (5) years of operational and technology auditing experience, and (3) years of operational or IT risk experience.
  • Experience or knowledge of technical and operational, business and healthcare environment preferably Payor related healthcare activities.
  • Familiarity with national security standards, business continuity, disaster recover, auditing, risk management, vulnerability assessments, regulatory compliance, and incident management.
  • Strong understanding of project management and information technology background.
  • Valid and unrestricted driver's license required.
  • Good analytical, organizational, verbal and written communication skills.
  • Ability to solve problems in a dynamic team environment and handle multiple assignments in a timely manner.
  • Experience in conflict management skills necessary to resolve issues where corporate areas are in disagreement.
  • Ability to effectively interface with various levels of management internally and as well as contacts outside the organization.
  • Must be able to travel to other HFHS and Subsidiary facilities and vendor sites to meet with operating or audit personnel.



  • CISA or CCSA, and CRISC, or CISSP.
  • ITIL v3.0 certified required within one year.


       Henry Ford Health System, one of the largest and most comprehensive integrated U.S. health

       care systems, is a national leader in clinical care, research and education.  The system includes

       the 1,200-member Henry Ford Medical Group, five hospitals, Health Alliance Plan (a health

       insurance and wellness company), Henry Ford Physician Network, a 150-site ambulatory

       network and many other health-related entities throughout southeast Michigan, providing a

       full continuum of care.  In 2015, Henry Ford provided $299 million in uncompensated care.

       The health system also is a major economic driver in Michigan and employs more than 24,600

       employees.  Henry Ford is a 2011Malcolm Baldrige National Quality Award recipient.  The

       health system is led by President and CEO Wright Lassiter III.  To learn more, visit HenryFord.com.


       Whether it's offering a new medical option, helping you make healthier lifestyle choices or

       making the employee enrollment selection experience easier, it's all about choice.  Henry

       Ford Health System has a new approach for its employee benefits program - My Choice

       Rewards.  My Choice Rewards is a program as diverse as the people it serves.  There are

       dozens of options for all of our employees including compensation, benefits, work/life balance

       and learning - options that enhance your career and add value to your personal life.  As an

       employee you are provided access to Retirement Programs, an Employee Assistance Program

       (Henry Ford Enhanced), Tuition Reimbursement, Paid Time Off, Employee Health and Wellness

       and access to day care services at Bright Horizons Midtown Detroit, and a whole host of other

       benefits and services.

      Equal Employment Opportunity/Affirmative Action Employer

        Equal Employment Opportunity / Affirmative Action Employer Henry Ford Health System is

        committed to the hiring, advancement and fair treatment of all individuals without regard to

        race, color, creed, religion, age, sex, national origin, disability, veteran status, size, height,

        weight, marital status, family status, gender identity, sexual orientation, and genetic information,

        or any other protected status in accordance with applicable federal and state laws.

Previous Job Searches

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions

Similar Listings

Detroit, Michigan

📁 Information Technology

Detroit, Michigan

📁 Information Technology

Detroit, Michigan

📁 Information Technology