Senior Consultant, Healthcare Advisory

Job Description: • Execute healthcare advisory engagements including Governance, Risk, and Compliance (GRC) assessments, gap analyses, and remediation support. • Support and deliver services across Incident Response (IR), Disaster Recovery (DR), Business Impact Analysis (BIA), and Business Continuity Planning (BCP) engagements. • Assist with Vendor Risk Management (VRM) and Cybersecurity Supply Chain Risk Management (C‑SCRM) activities for healthcare organizations. • Develop and update healthcare specific documentation, including: Policies and procedures, Risk assessment reports, System and program documentation, Plans and playbooks • Collect, analyze, and map client provided evidence to healthcare regulatory and framework requirements. • Lead client interviews, workshops, and working sessions with IT, compliance, security, and operational stakeholders. • Manage assigned tasks and deliverables to meet project timelines, utilization targets, and quality expectations. • Collaborate with Project Managers, Principals, and Directors to support successful engagement execution. • Contribute to client presentations and status updates. • Ensure accuracy, consistency, and quality of assigned deliverables. • Maintain and grow healthcare regulatory and cybersecurity knowledge. • Pursue and maintain relevant certifications aligned to healthcare advisory services. • Incorporate feedback from peer review and quality management processes. • Contribute to thought leadership, white papers, and blogs to expand technical expertise and support practice level objective. • Travel up to 25–50%, depending on client needs Requirements: • 4–6 years of experience in cybersecurity, GRC, compliance, risk management, or related consulting roles. • Bachelor’s degree in Information Security, Information Systems, Computer Science, Business, or equivalent experience. • Experience supporting or delivering advisory or assessment engagements in healthcare or regulated environments. • Working knowledge of healthcare regulations and frameworks, including: HIPAA / HITECH, HITRUST, CMS requirements (as applicable), NIST 800‑series frameworks • Experience developing compliance documentation and assessment reports. • Familiarity with cloud based and on-premises IT environments. • Strong written and verbal communication skills. • Ability to clearly document and explain compliance and risk concepts. • Strong attention to detail and organizational skills. • Ability to manage multiple tasks and deadlines. • Consulting mindset with the ability to build trust and credibility with clients. • Comfortable working independently while escalating issues appropriately • The ability to organize and lead engagement activities while training junior staff on project workflow and both the mechanical and technical aspects of developing project deliverables. • Dependent on the framework(s) you will be supporting, you must have one or more of the following: HITRUST Certified CSF Practitioner (CCSFP) – for healthcare focus, FedRAMP related certifications (if applicable), CompTIA Security + certification or equivalent work experience, CompTIA Network + certification or equivalent work experience Benefits: • paid parental leave • flexible time off • certification and training reimbursement • digital mental health and wellbeing support membership • comprehensive insurance options