
Manager, Risk and Security Compliance

Job Locations: US-VA-Richmond
Job ID: 2017-4443

Job Description

Overview

Reporting to the Director of Risk, Governance, and Security, the Manager of Risk and Security Compliance is responsible for developing and managing the Information Systems Risk Management Program and the Information Systems Security Compliance Program. The Risk Management Program includes, but is not limited to, the continuous security risk assessment of the enterprise, the continuous risk assessment of securely moving sensitive data, and other secure communications. The Security Compliance Program includes, but is not limited to, developing the policies and procedures necessary to meet the regulatory requirements of VITA Sec501, other VITA standards, and the HIPAA Security Rule; establishing internal security compliance assessments; interfacing with external and internal auditors; and overseeing the remediation of audit findings. This position requires the ability to work with senior and executive management, excellent written and oral communication skills, and the ability to collaborate with other areas and vendors on the development of Information Assurance.

Responsibilities

  • Develop and publish Information Security policies, procedures, standards, and guidelines based on knowledge of best practices and compliance requirements.
  • Collaborate with peers to share the corporate security vision.
  • Establish relationships with the various Lines of Business and VCUH and work toward alignment with the VPHP business strategy and goals.
  • Monitor and advise management of the status of risk and compliance issues related to security controls.
  • Oversee all IT related audits and remediation of findings.
  • Develop and execute internal regulatory compliance assessments and track remediation efforts to include POAMs.
  • Collaborate with management, Program Integrity, VCUH Infrastructure and Security management to maintain communications on projects.
  • Work with the Manager of Security, Response, and Recovery to develop security awareness training that meets the regulatory requirements.

Qualifications

MINIMUM EDUCATION REQUIREMENTS

  • Bachelor’s Degree is required (Information Systems, Business, Mathematics, Accounting or related disciplines preferred.)

SPECIAL KNOWLEDGE AND/OR SKILLS

  • Five+ years of progressive experience in information security auditing, information assurance, and risk management or a combination of these.
  • CISA, CISM, CRISC or other professional Information Security certification a must.
  • Knowledge of Security Frameworks and Standards is required (COV Information Security Standards, NIST Risk Management Framework, NIST Cybersecurity Framework preferred.)
  • Excellent written and oral communication skills including presentations to senior management and/or teaching/instructor skills.
  • Project Management Skills desirable.
  • Ability to lead and manage direct reports

WORK BACKGROUND/EXPERIENCE

  • 2 years of experience in an IT Security, Audit, or Compliance Management Role - Healthcare Industry experience is a plus.
  • At least 2 years of experience in remediating vulnerabilities and audit findings

PHYSICAL REQUIREMENTS

  • Physical health sufficient to meet the ergonomic standards and demands of the position

About Us

Virginia Premier is a managed care organization which began as a full-service Medicaid MCO in 1995. Partnered with VCU Medical Systems, we strive to meet the needs of the underserved and vulnerable populations in Virginia by delivering quality-driven, culturally sensitive and financially viable Medicare and Medicaid healthcare programs. Headquartered in Richmond, VA, we also have offices in Roanoke, Tidewater and Bristol, with additional satellite locations allowing us to serve over 200,000 members across eighty counties throughout Virginia.

 

We offer competitive salaries and a comprehensive benefits package to include excellent Medical, Dental and Vision Plans, Tuition Assistance, Infant-At-Work Program, Remote Work options and generous vacation and sick leave policies. Our culture supports an environment where employees can continuously learn and gain professional growth through various development programs, education, exciting projects and career mobility.  

 

All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status. EOE

 

Our mission is to inspire healthy living within the communities we serve!
