TorchLight: Senior Information Security Consultant (HIPAA)

TorchLight is a growing complete security service provider that is always looking to add that next piece. Join a winning culture of accountability, candor, communication, integrity, and growth.

Senior Information Security Consultant (HIPAA)

Department: Security Consulting

Reports to: Manager, Security Consulting

FLSA Status: Exempt

TorchLight is seeking an Information Security Consultant (HIPAA) to join the Security Consulting team. This position will include conducting client audits for HIPAA, NIST, FFIEC, and other standards/regulations as necessary, customizing policies and procedures, and IT governance guidance. Successful candidates will have the ability to work within teams and independently, managing their own schedule and prioritization.


  • Lead and/or support audit projects including gap analysis and full audits.
  • Learn and use knowledge in conjunction with IT audit methodologies such as PCI DSS, COBIT, C2M2, NIST and/or ISO 27001/27002 to provide actionable recommendations to clients based on their risk, size, and complexity.
  • Assess risk in client processes or procedures, test controls, and provide written and oral reporting of results to senior management.
  • Perform audits, assessments, and evaluations of client processes, procedures, and governance structures.
  • Acquire and maintain expert knowledge of compliance requirements as they relate to Information Technology/Security, including but not limited to PCI, NIST, GLBA, HIPAA, and others.
  • Advise clients on security risks and provide recommendations relevant to the situation, considering the size and complexity of the environment.
  • Ensure client satisfaction through detailed report review and follow-up.
  • Manage assigned engagements to completion in an efficient and timely manner.
  • Research and communicate new industry-related initiatives, trends, and directives to internal resources and clients.
  • Achieve and maintain appropriate security audit-related certifications.


  • A Bachelor’s Degree and/or equivalent work experience in an audit-related function (preferably medical IT audits).
  • Experience working with or for the medical industry.
  • Excellent verbal and written communication skills.
  • The ability to communicate clearly and efficiently.
  • Required travel for this position is not expected but may reach up to 10%; proof of COVID-19 vaccination is therefore required for potential onsite client interactions.
  • Additional certifications related to IT or IT security such as CISSP, CISA, or CISM.

Abilities Required:

Ability to lift 50 pounds, drive for work use, sit, and stand for long periods of time, ability to kneel and reach, and vision including focus adjustment. Approximately 25% travel is required, usually less. Must successfully pass a Washington State background check.


The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.

TorchLight Cybersecurity

To apply, please submit a cover letter and resume below.

**Applications will only be considered with both a cover letter and resume.**