Manager IT-Cybersecurity Compliance

About The Position

Requirements

• 5+ years in a cyber security management role, preferably in Governance, Risk or Compliance with a Bachelor's Degree (Required)
• 7+ years in a cyber security management role, preferably in Governance, Risk or Compliance without a Bachelor's Degree (Required)
• Experience with various industry regulations and frameworks (PCI, HIPAA, Data Privacy Laws, ISO27001/2, NIST, HITRUST, etc.)
• Experience with GRC tools such as Service Now, Archer, etc.
• Experience working in a highly regulated environment.
• Experience in information security and auditing with increasing responsibilities.
• Strong background in security controls, auditing, network, and system security.
• Ability to express complex technical concepts in business terms.
• Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change.
• Ability to build and manage a highly motivated team
• Organized and detail-oriented, able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently.
• Proven ability to manage and mentor cyber security analysts at all levels.

Nice To Haves

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (Preferred)
• CISSP (Certified Information Systems Security Professional)(Preferred)
• CISM (Certified Information Security Manager)(Preferred)
• CRISC (Certified in Risk and Information Systems Control)(Preferred)
• CISA (Certified Information Systems Auditor)(Preferred)
• Preferred candidates will have moved up through the ranks of Cyber Security Governance, Risk and Compliance.

Responsibilities

• Lead team of cyber security compliance professionals to measure compliance against a broad range of control requirements, both internally and externally.
• Ownership of cyber security compliance strategy, programs and related initiatives including regulatory audits and compliance management, Controls testing, medical device security, metrics and risk and performance indicators.
• Understand key security and compliance frameworks including but not limited to HIPAA, HICP 405(d), NIST800-171, SOC2, ISO27001, and laws/regulations.
• Manage compliance initiatives to ensure control effectiveness with applicable laws and regulations, as well as internal policies and procedures.
• Monitor activities of assigned IT areas to ensure control assurance of internal policies and standards.
• Participate in the development and implementation of new business initiatives involving compliance to ensure functionality required to support required compliance.
• Provide guidance to business functions on compliance/security-related matters and lead investigations.
• Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate corrective actions process for ownership and timely remediations.
• Initiate improvement activities to reduce risk, ensure compliance, lower cost, and improve quality within IT processes.
• Refine and revise existing policies

Benefits

• Medical, Dental, Vision plans
• Adoption, Fertility and Surrogacy Reimbursement up to $10,000
• Paid Time Off and Sick Leave
• Paid Parental & Family Caregiver Leave
• Emergency Backup Care
• Long-Term, Short-Term Disability, and Critical Illness plans
• Life Insurance
• 401k/403B with Employer Match
• Tuition Assistance – $5,250/year and discounted educational opportunities through Guild Education
• Student Debt Pay Down – $10,000
• Reimbursement for certifications and free access to complete CEUs and professional development
• Pet Insurance
• Legal Resources Plan
• Colleagues have the opportunity to earn an annual discretionary bonus if established system and employee eligibility criteria is met.