Senior Consultant, Healthcare Advisory
Posted 2026-05-06
Remote, USA
Full-time
Immediate Start
- Job Description:
- Execute healthcare advisory engagements including Governance, Risk, and Compliance (GRC) assessments, gap analyses, and remediation support.
- Support and deliver services across Incident Response (IR), Disaster Recovery (DR), Business Impact Analysis (BIA), and Business Continuity Planning (BCP) engagements.
- Assist with Vendor Risk Management (VRM) and Cybersecurity Supply Chain Risk Management (C‑SCRM) activities for healthcare organizations.
- Develop and update healthcare-specific documentation, including policies and procedures, risk assessment reports, system and program documentation, and plans and playbooks.
- Collect, analyze, and map client provided evidence to healthcare regulatory and framework requirements.
- Lead client interviews, workshops, and working sessions with IT, compliance, security, and operational stakeholders.
- Manage assigned tasks and deliverables to meet project timelines, utilization targets, and quality expectations.
- Collaborate with Project Managers, Principals, and Directors to support successful engagement execution.
- Contribute to client presentations and status updates.
- Ensure accuracy, consistency, and quality of assigned deliverables.
- Maintain and grow healthcare regulatory and cybersecurity knowledge.
- Pursue and maintain relevant certifications aligned to healthcare advisory services.
- Incorporate feedback from peer review and quality management processes.
- Contribute to thought leadership, white papers, and blogs to expand technical expertise and support practice-level objectives.
- Travel up to 25–50%, depending on client needs.
- Requirements:
- 4–6 years of experience in cybersecurity, GRC, compliance, risk management, or related consulting roles.
- Bachelor’s degree in Information Security, Information Systems, Computer Science, Business, or equivalent experience.
- Experience supporting or delivering advisory or assessment engagements in healthcare or regulated environments.
- Working knowledge of healthcare regulations and frameworks, including HIPAA / HITECH, HITRUST, CMS requirements (as applicable), and NIST 800‑series frameworks.
- Experience developing compliance documentation and assessment reports.
- Familiarity with cloud-based and on-premises IT environments.
- Strong written and verbal communication skills.
- Ability to clearly document and explain compliance and risk concepts.
- Strong attention to detail and organizational skills.
- Ability to manage multiple tasks and deadlines.
- Consulting mindset with the ability to build trust and credibility with clients.
- Comfortable working independently while escalating issues appropriately.
- The ability to organize and lead engagement activities while training junior staff on project workflow and both the mechanical and technical aspects of developing project deliverables.
- Depending on the framework(s) you will be supporting, you must have one or more of the following: HITRUST Certified CSF Practitioner (CCSFP) – for healthcare focus, FedRAMP-related certifications (if applicable), CompTIA Security+ certification or equivalent work experience, CompTIA Network+ certification or equivalent work experience.
- Benefits:
- paid parental leave
- flexible time off
- certification and training reimbursement
- digital mental health and wellbeing support membership
- comprehensive insurance options