Sr. Manager - Security Governance Risk and Compliance (Healthcare), CS at Cognizant
Posted in Information Technology 30+ days ago.
This job brought to you by eQuest
Location: Teaneck, New Jersey
Security Governance Risk and Compliance
Cognizant requires a Sr. Manager to build and manage the Security Governance Risk and Compliance Program for a specific healthcare client. The Sr. Manager, Global Corporate Security will provide client specific strategic guidance, and operational management to the client security team. Candidates will have a proven ability to infuse innovation and creativity into tactical and strategic planning with a focus on exceptional customer service. The Individual will execute, drive enhancements and strategic initiatives, and track projects.
· Serve as a leader for a specific Healthcare account for Governance, Risk, and Compliance, spanning across all functions of an account security organization including, Cyber Security, Application Security, Identity and Access Management, Security Operations Management, and Business Continuity and Disaster Recovery
· Serve as a subject material expert of Security Governance, Risk, and Compliance frameworks and regulations as applicable to the Healthcare industry
· Collaborate with Corporate Security leadership in the Security Governance, Risk and Compliance space
· Execute policies, standards and procedures specific set by enterprise standards and account specific standards as they apply to Security Governance, Risk, and Compliance requirements
· Lead security risk assessment and audit activities, and related analysis, including ongoing compliance monitoring in coordination with Privacy Officer and Legal Team members
· Sustains and improves the Security Governance, Risk, and Compliance program through discussion and collaboration with account team and Corporate Security leaders
· Ensure the production and improvement of the content, quality, and timing of security governance, risk and compliance analysis and reporting.
· Manage and Lead Security Compliance Education and Awareness activities to ensure all associates understand, acknowledge and ultimately fulfill their responsibilities as defined in Cognizant, and a specific Healthcare account’s, Acceptable Use and code of Ethics Standards.
· Manage all aspects of Project Delivery Process for projects that range in scope, budget and team size.
· Monitor and evaluate security measures to protect against reasonably anticipated threats or hazards to the privacy, security or integrity of PHI
· Develop project plans, estimations, specifications, flowcharts, and presentations
· Conduct regular project reviews and accurately communicates the status of projects in both formal and informal settings throughout project lifecycle.
· Lead and execute PCI-DSS related activities including the identification of compliance gaps, the development of remediation plans, scan, PCI certification, documentation, monitoring compliance status, and ultimate attestation of compliance
· Lead and execute security compliance reviews of master service agreements and advise business team regarding gaps and corresponding mitigation requirements
· The candidate should have a Bachelor’s degree in Information Systems Risk Management, Computer Science, or related field, or equivalent experience
· 8+ Years of experience with a thorough understanding of Information Security Principles and practices
· Have experience managing Security Governance, Risk, and Compliance within a large organization
· Proficiency and experience, developing and managing dynamic controls framework based on HITRUST, ISO, COBIT, HIPAA, NIST, and other relevant regulations and legislation
· Proficiency and experience using Governance, Risk, and Compliance Tools
· Ability to create professional presentations using MS Office (Outlook, Excel, PowerPoint, and Word)
· Project management skills with an ability to achieve results
· Strong intellect with a balance of strategic thinking and analytical skills
· Be familiar with current good security practices gleaned from sources such as ISO and NIST plus applicable laws and regulations
· Be a people’s person delivering information security awareness, ideally with experience of developing the creative materials used
· Motivate and lead teams and instilling a mindset of continuous process improvement.
· Promote the effective teamwork and spirit of partnership
· Security certifications desired such as HCISPP, CHPS, CISA, CISSP, CISM, and CRISC
· Excellent written and verbal communication and organizational skills
· Be Pro-active and self-motivated
· Be inspirational, enthusiastic and evangelistic promoter of information security
· Must be reliable and adaptable.
· Exude confidence and professionalism
· Outstanding work ethic
· Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources
· Experience with working on global teams across time zones, cultures and languages