Manager – IT Cybersecurity Compliance

Job not on LinkedIn

🔥 6 minutes ago

⚔️ Virginia – Remote

⚔️ Virginia – Remote

⏰ Full Time

🟡 Mid-level

🟠 Senior

👮‍♂️ Cybersecurity / Security Engineer

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Sentara Health

WebsiteLinkedInAll Job Openings

10,000+ employees

Founded 1890

⚕️ Healthcare Insurance

Healthcare Insurance

Sentara Health is a leading healthcare system that operates over 300 sites of care in Virginia and northeastern North Carolina, including 12 acute care hospitals. The company is dedicated to providing exceptional patient care, fostering professional development, and maintaining a diverse workforce. Sentara Health aims to improve health every day and has been recognized for its clinical and operational performance, being named one of the top 15 health systems by IBM Watson Health. The organization supports its employees in achieving their full potential and encourages growth and innovation in the healthcare sector.

📋 Description

• The Manager – Cyber Security Compliance is responsible for establishing and maintaining the overall cyber security compliance program. • This position will lead a team of cyber security compliance professionals by enabling a holistic compliance framework and assurance readiness for regulations, standards, and contract obligations within Sentara Healthcare. • Managing and reporting on cyber security compliance in a manner that meets Sentara Healthcare’s requirements. • Reporting to the Director of GRC in Cyber Security, this leader ensures compliance against regulatory, industry and contractual requirements. • Further, set the strategy and drive effective process, methodology and technology solutions to support the cyber defense of Sentara Healthcare, focusing on continuous improvement, data protection, governance, risk management, and mitigation. • As a domain expert in compliance and assurance, engage at management and technical levels to develop/refine strategy, identify control breakdowns, risks, and opportunities to deliver a comprehensive and robust compliance function. • In addition, elevate how we engage with business and technology control owners. • Establish a framework and process to execute readiness assessments for compliance against cyber security standards and requirements. • Lead team of cyber security compliance professionals to measure compliance against a broad range of control requirements, both internally and externally. • Ownership of cyber security compliance strategy, programs and related initiatives including regulatory audits and compliance management, Controls testing, medical device security, metrics and risk and performance indicators. • Understand key security and compliance frameworks including but not limited to HIPAA, HICP 405(d), NIST800-171, SOC2, ISO27001, and laws/regulations. • Manage compliance initiatives to ensure control effectiveness with applicable laws and regulations, as well as internal policies and procedures. • Monitor activities of assigned IT areas to ensure control assurance of internal policies and standards. • Participate in the development and implementation of new business initiatives involving compliance to ensure functionality required to support required compliance.

🎯 Requirements

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (Preferred) OR 7+ years in a cyber security management role, preferably in Governance, Risk or Compliance without a Bachelor's Degree (Required) • Certification/Licensure CISSP (Certified Information Systems Security Professional)(Preferred) • CISM (Certified Information Security Manager)(Preferred) • CRISC (Certified in Risk and Information Systems Control)(Preferred) • CISA (Certified Information Systems Auditor)(Preferred) • 5+ years in a cyber security management role, preferably in Governance, Risk or Compliance with a Bachelor's Degree (Required) • 7+ years in a cyber security management role, preferably in Governance, Risk or Compliance without a Bachelor's Degree (Required) • Preferred candidates will have moved up through the ranks of Cyber Security Governance, Risk and Compliance. • Experience with various industry regulations and frameworks (PCI, HIPAA, Data Privacy Laws, ISO27001/2, NIST, HITRUST, etc.) • Experience with GRC tools such as Service Now, Archer, etc. • Experience working in a highly regulated environment. • Experience in information security and auditing with increasing responsibilities. • Strong background in security controls, auditing, network, and system security. • Ability to express complex technical concepts in business terms. • Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change. • Ability to build and manage a highly motivated team. • Organized and detail-oriented, able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently. • Proven ability to manage and mentor cyber security analysts at all levels.

🏖️ Benefits

• Medical, Dental, Vision plans • Adoption, Fertility and Surrogacy Reimbursement up to $10,000 • Paid Time Off and Sick Leave • Paid Parental & Family Caregiver Leave • Emergency Backup Care • Long-Term, Short-Term Disability, and Critical Illness plans • Life Insurance • 401k/403B with Employer Match • Tuition Assistance – $5,250/year and discounted educational opportunities through Guild Education • Student Debt Pay Down – $10,000 • Reimbursement for certifications and free access to complete CEUs and professional development • Pet Insurance • Legal Resources Plan • Colleagues have the opportunity to earn an annual discretionary bonus if established system and employee eligibility criteria is met.