HIPAA Security Expert (GOV), Tempus Technologies

About The Position

Requirements

• Expert knowledge of HIPAA Security Rule requirements, OCR guidance, and related regulatory frameworks.
• Strong understanding of security architecture, authentication models, encryption technologies, logging/monitoring, and secure system design.
• Ability to translate regulatory obligations into practical, technically sound requirements for engineering teams.
• Skill in evaluating system diagrams, data flows, and technical configurations for compliance and risk implications.
• Strong analytical writing skills and ability to produce audit-ready documentation.
• Ability to communicate complex security and regulatory concepts to diverse audiences.
• Demonstrated experience with HIPAA Security Rule implementation or oversight.
• University / college degree, with 5+ years of industry-relevant experience (or a comparable combination of education, job specific certification(s), and experience, including military service, may be considered in lieu of a degree).
• Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions (Customer Focused).
• Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework (Managing Risk).

Nice To Haves

• Certifications: HCISPP, CISSP, CISM, CHPS, CISA, or equivalent.
• Experience in regulated environments (healthcare, financial, critical infrastructure) strongly preferred.

Responsibilities

• Provides authoritative guidance to system owners, product teams, and executive leadership on regulatory obligations and security implications of business and technical decisions.
• Supports internal audits, third-party assessments, client due diligence, and regulatory inquiries.
• Leads the development, implementation, and continuous improvement of the organization’s HIPAA Security Program in accordance with 45 CFR §164.308, §164.310, and §164.312.
• Establishes Line of Business risk management strategy and oversees the execution of the risk management programs.
• Serves as an advocate for the risk management program.
• Ensures the risk management strategies and programs are established, maintained and enhanced to support the businesses in managing their risks while meeting business and regulatory expectations.
• Oversees the timely and proper execution of the risk management program within and/or across the lines of business.
• Includes consultation to execute the program components.
• Provides risk expertise while working with the businesses and other risk partners (e.g., Compliance, Credit, Legal, Audit).
• Monitors changes in internal and external factors and identifies emerging risks.
• Leads and engages cross functional teams and develops internal capabilities.

Benefits

• Medical/prescription drug coverage (with a Health Savings Account feature)
• Dental options
• Vision options
• Employee and spouse/child life insurance
• Short and long-term disability protection
• 401(k) with PNC match
• Pension plans
• Stock purchase plans
• Dependent care reimbursement account
• Back-up child/elder care
• Adoption reimbursement
• Surrogacy reimbursement
• Doula reimbursement
• Educational assistance, including select programs fully paid
• Robust wellness program with financial incentives
• Maternity and/or parental leave
• Up to 11 paid holidays each year
• 9 occasional absence days each year, unless otherwise required by law
• Between 15 to 25 vacation days each year, depending on career level; and years of service