• Manager, Risk and Security Compliance

    Job Locations US-VA-Richmond
    Job ID
  • Overview

    Reporting to the Director of Risk, Governance, and Security, the Manager of Risk and Security Compliance is responsible for developing and managing the Information Systems Risk Management Program and the Information Systems Security Compliance Program. The Risk Management Program includes, but is not limited to, the continuous security risk assessment of the enterprise, the continuous risk assessment of securely moving sensitive data, and other secure communications. The Security Compliance Program includes, but is not limited to, developing the policies and procedures necessary to meet the regulatory requirements of VITA Sec501 and other VITA standards and the requirements of the HIPAA Security Rule, establishing internal security compliance assessments, interfacing with external and internal auditors, and overseeing the remediation of audit findings. This position requires the ability to work with senior and executive management, excellent written and oral communication skills, and the ability to collaborate with other areas and vendors on the development of Information Assurance.


    • Develop and publish Information Security policies, procedures, standards, and guidelines based on knowledge of best practices and compliance requirements.
    • Collaborate with peers to share the corporate security vision.
    • Establish relationships with the various Lines of Business and VCUH and work toward alignment with the VPHP business strategy and goals.
    • Monitor and advise management of the status of risk and compliance issues related to security controls.
    • Oversee all IT related audits and remediation of findings.
    • Develop and execute internal regulatory compliance assessments and track remediation efforts to include POAMs.
    • Collaborate with management, Program Integrity, VCUH Infrastructure and Security management to maintain communications on projects.
    • Work with the Manager of Security, Response, and Recovery to develop security awareness training that meets the regulatory requirements.



    • Bachelor’s Degree is required (Information Systems, Business, Mathematics, Accounting or related disciplines preferred.)


    • Five+ years of progressive experience in information security auditing, information assurance, and risk management or a combination of these.
    • CISA, CISM, CRISC or other professional Information Security certification a must.
    • Knowledge of Security Frameworks and Standards is required (COV Information Security Standards, NIST Risk Management Framework, NIST Cybersecurity Framework preferred.)
    • Excellent written and oral communication skills including presentations to senior management and/or teaching/instructor skills.
    • Project Management Skills desirable.
    • Ability to lead and manage direct reports


    • 2 years of experience in an IT Security, Audit, or Compliance Management Role - Healthcare Industry experience is a plus.
    • At least 2 years experience in remediating vulnerabilities and audit findings


    • Physical health sufficient to meet the ergonomic standards and demands of the position

    About Us

    Virginia Premier is a managed care organization which began as a full-service Medicaid MCO in 1995. Partnered with VCU Medical Systems, we strive to meet the needs of the underserved and vulnerable populations in Virginia by delivering quality-driven, culturally sensitive and financially viable Medicare and Medicaid healthcare programs. Headquartered in Richmond, VA, we also have offices in Roanoke, Tidewater and Bristol, with additional satellite locations allowing us to serve over 200,000 members across eighty counties throughout Virginia.


    We offer competitive salaries and a comprehensive benefits package to include excellent Medical, Dental and Vision Plans, Tuition Assistance, Infant-At-Work Program, Remote Work options and generous vacation and sick leave policies. Our culture supports an environment where employees can continuously learn and gain professional growth through various development programs, education, exciting projects and career mobility.  


    All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status. EOE


    Our mission is to inspire healthy living within the communities we serve!

