Senior Professional Security Compliance

Great companies need great teams to propel their operations. Join the group that solves business challenges and enhances the way we work and grow. Working at Gainwell carries its rewards. You'll have an incredible opportunity to grow your career in a company that values your contributions and puts a premium on work flexibility, learning, and career development.

Summary

As Senior Professional Security Compliance, you will be accountable for all security-related compliance and delivery for the customer(s) assigned. In a typical engagement, you operate as a trusted advisor in the organization, working with senior management and focusing specifically on health care industry regulated security requirements and environments in relation to client business objectives. The Senior Professional Security Compliance helps business leaders understand operational issues and plans next steps from an information security viewpoint. This requires the ability to interact and influence at a managerial level within the account such as with Delivery Leads and the Account General Manager. You will be able to demonstrate industry expertise and understanding of security governance and compliance. Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the National Institute of Standards and Technology (NIST) 800-53 framework are the standard security frameworks that the ISO will be reviewing, maintaining, and helping to assess on each designated account or health care product within Gainwell Technologies and its partners.

Your role in our mission

• Compliance and security driven.
• Support security operational governance activities.
• Ensuring delivery excellence in security tooling and business operations (Ensuring avoidance of non-performance / non-compliance leading to contractual penalties).
• Relationship management with Gainwell Technologies suppliers and the client.
• Maintain an account security plan for the selected account(s) and products.
• Report and support the management of security incidents.
• Assist audit preparation, facilitation, and remediation.
• Support the management security risks and exceptions.
• Ensure knowledge and implementation of security fundamentals, policies, and standards (regulatory and contractual).
• Escalate and resolve security issues.
• Coordinate delivery of security metrics and reporting in support of contractual commitment.

What we're looking for

• At least 3 years' experience working in a risk management, audit, security, or technical delivery role
• Bachelor degree in Computer Science, Computer Studies, Information Security (or equivalent combination of education and experience)
• Experience as a Security consultant, architect and/or engineer
• Experience with and understanding of the security and auditing regulations
• Experience with audit and compliance programs, including leading audits and remediation efforts
• Experience with HIPAA, NIST, and FedRAMP
• Excellent and effective communication skills
• Experience in working with security management including information governance and compliance
• Good understanding of information security industry best practices with hands on experience
• Experience of security processes and standards, in particular, NIST 800-53
• Knowledge of security audit processes
• Ability to adapt to new security regimes

What you should expect in this role

• Fully Remote Opportunity with the option to work anywhere within the United States.
• Opportunities to travel through your work (0-10%).
• Functionally reports to the Regional Information Security Manager as part of the Office of the Chief Information Security Officer (OCISO) to coordinate effort, solutions, and promote security practices.
• Works in conjunction with the Client Delivery Leader (CDL)
• Partners and collaborates with information security staff to leverage existing solutions and promote common standards.

The deadline to submit applications for this posting is January 6, 2025.

The pay range for this position is $72,800.00 - $104,000.00 per year, however, the base pay offered may vary depending on geographic region, internal equity, job-related knowledge, skills, and experience among other factors. Put your passion to work at Gainwell. You'll have the opportunity to grow your career in a company that values work flexibility, learning, and career development. All salaried, full-time candidates are eligible for our generous, flexible vacation policy, a 401(k) employer match, comprehensive health benefits , and educational assistance. We also have a variety of leadership and technical development academies to help build your skills and capabilities.

We believe nothing is impossible when you bring together people who care deeply about making healthcare work better for everyone. Build your career with Gainwell, an industry leader. You'll be joining a company where collaboration, innovation, and inclusion fuel our growth. Learn more about Gainwell at our company website and visit our Careers site for all available job role openings.

Gainwell Technologies is committed to a diverse, equitable, and inclusive workplace. We are proud to be an Equal Opportunity Employer, where all qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical condition), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We celebrate diversity and are dedicated to creating an inclusive environment for all employees.