Virginia Premier Health Plan Manager, Risk and Security Compliance in Richmond, Virginia


Reporting to the Director of Risk, Governance, and Security, the Manager of Risk and Security Compliance is responsible for developing and managing the Information Systems Risk Management Program and the Information Systems Security Compliance Program. The Risk Management Program includes, but is not limited to, the continuous security risk assessment of the enterprise, the continuous risk assessment of securely moving sensitive data, and other secure communications. The Security Compliance Program includes, but is not limited to, developing the policies and procedures necessary to meet the regulatory requirements of VITA Sec501 and other VITA standards and the requirements of the HIPAA Security Rule, establishing internal security compliance assessments, interfacing with external and internal auditors, and overseeing the remediation of audit findings. This position requires the ability to work with senior and executive management, excellent written and oral communication skills, and the ability to collaborate with other areas and vendors on the development of Information Assurance.


  • Develop and publish Information Security policies, procedures, standards, and guidelines based on knowledge of best practices and compliance requirements.

  • Collaborate with peers to share the corporate security vision.

  • Establish relationships with the various Lines of Business and VCUH and work toward alignment with the VPHP business strategy and goals.

  • Monitor and advise management on the status of risk and compliance issues related to security controls.

  • Oversee all IT related audits and remediation of findings.

  • Develop and execute internal regulatory compliance assessments and track remediation efforts to include POAMs.

  • Collaborate with management, Program Integrity, VCUH Infrastructure and Security management to maintain communications on projects.

  • Work with the Manager of Security, Response, and Recovery to develop security awareness training that meets the regulatory requirements.



  • Bachelor’s Degree is required (Information Systems, Business, Mathematics, Accounting or related disciplines preferred.)


  • Five+ years of progressive experience in information security auditing, information assurance, and risk management or a combination of these.

  • CISA, CISM, CRISC or other professional Information Security certification a must.

  • Knowledge of Security Frameworks and Standards is required (COV Information Security Standards, NIST Risk Management Framework, NIST Cybersecurity Framework preferred.)

  • Excellent written and oral communication skills including presentations to senior management and/or teaching/instructor skills.

  • Project Management Skills desirable.

  • Ability to lead and manage direct reports


  • 2 years of experience in an IT Security, Audit, or Compliance Management Role - Healthcare Industry experience is a plus.

  • At least 2 years of experience in remediating vulnerabilities and audit findings


  • Physical health sufficient to meet the ergonomic standards and demands of the position

About Us

Virginia Premier is a managed care organization which began as a full-service Medicaid MCO in 1995. Partnered with VCU Medical Systems, we strive to meet the needs of the underserved and vulnerable populations in Virginia by delivering quality-driven, culturally sensitive and financially viable Medicare and Medicaid healthcare programs. Headquartered in Richmond, VA, we also have offices in Roanoke, Tidewater and Bristol, with additional satellite locations allowing us to serve over 200,000 members across eighty counties throughout Virginia.

We offer competitive salaries and a comprehensive benefits package to include excellent Medical, Dental and Vision Plans, Tuition Assistance, Infant-At-Work Program, Remote Work options and generous vacation and sick leave policies. Our culture supports an environment where employees can continuously learn and gain professional growth through various development programs, education, exciting projects and career mobility.

All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status. EOE

Our mission is to inspire healthy living within the communities we serve!

Job ID 2018-5263

As an equal opportunity employer, Virginia Premier is committed to a diverse workforce. To ensure non-discrimination and affirmative action for individuals protected by Executive Order 11246, as amended, Section 503 of the Rehabilitation Act of 1973, as amended, the Vietnam Veterans’ Readjustment Act of 1974, as amended, and Title I of the Americans with Disabilities Act of 1990, as amended, Virginia Premier will consider applicants for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. Applicants who require accommodation in the job application process may contact Recruitment at 804-819-5151 for assistance. It is the policy of Virginia Premier Health Plan, Inc., to comply with the requirements of the Drug-Free Workplace Act of 1988. It is a violation of our drug-free workplace policy to use, possess, sell, trade, and/or offer for sale alcohol, illegal drugs or intoxicants in our workplace. Federal law requires all employers to verify the identity and employment eligibility of all persons hired to work in the United States. Virginia Premier participates in E-verify.