Title

Director of Security & Compliance 

About the Organization

MOBE guides people to better health and more happiness. We help people discover connections between aspects of their lifestyle that affect health and well-being, including their medications and supplements. Behind our innovative solutions are robust data analytics, digital application, and a uniquely human philosophy. With one-to-one connection and compassion, we motivate people to transform their lives.


MOBE is a high-growth organization with a culture built on trust and collaboration and our team is our most significant asset. Supporting and empowering others is at the core of our service and is also the foundation of our culture. We value a workforce made up of people with differences who are eager to learn from each other and grow personally and professionally. We extend this approach to our partners and communities, seeking to increase understanding and expand opportunities across all groups. Go to https://www.mobeforlife.com/DEI for more about diversity, equity, and inclusion at MOBE.  
Description

The Director of Security and Compliance is responsible for the security of MOBE's computing and data environment as well as ensuring adherence with all applicable privacy regulations and managing MOBE's compliance programs. The Director will work with our cloud-based information systems, our workforce, clients and vendors to ensure MOBE meets all federal, state, industry and client security requirements. This position facilitates the Information Security Steering Committee, the governing body for MOBE's security and privacy program whose members are drawn from MOBE leadership.

This person will serve as MOBE's acting Chief Security Officer, working closely with the Information Technology team to develop, implement, manage and improve MOBE's information security program. This position will report to and work closely with MOBE's Chief Legal and Compliance Officer to develop, implement, manage and improve MOBE's compliance with government programs, privacy and other service-related regulatory requirements. The Director of Security and Compliance will lead a team of two security and compliance professionals.

Responsibilities:

  • Lead, manage and drive continuous improvement of MOBE's information security program, creating security and compliance strategy for supporting current and future business needs
  • Lead MOBE's compliance program, ensuring MOBE's business maintains compliance with contractual requirements and Federal and State laws, including Medicare, Medicaid, TRICARE, and other Government Programs.
  • Develop, implement and lead the annual review of security and privacy policies and procedures regarding areas such as information security, technology operations, business continuity planning, data classification security and privacy, and incident response.
  • Drive security initiatives including vendor evaluation, selection and ongoing monitoring.
  • Oversee the vendor management process to ensure new vendors meet MOBE security standards and continue to maintain compliance with those standards via MOBE's vendor security audit process.
  • Assist the Legal Department in developing vendor minimum security standards and ensuring contractual requirements regarding the protection of covered data are in place with all third parties encountering that covered data.
  • Lead an annual risk assessment interfacing with multiple departments to identify potential areas of security, compliance and privacy vulnerabilities, determine risk, create corrective action plans and remediate in a timely manner.
  • Maintain emergency procedures and incident responses. Respond to alleged violations of rules, regulations, policies and procedures by evaluating or recommending the initiation of investigative procedures. Investigate security breaches. Develop and oversee a system for uniform handling of such violations, working with Human Resources on disciplinary processes.
  • Facilitate periodic meetings and provide reports on a regular basis to keep the Information Security Steering Committee informed of the security and privacy program operation and progress of compliance efforts.
  • Oversee a comprehensive security and compliance training program, in coordination with the MOBE Learning and Development team, to include HIPAA, security and privacy training for all employees upon hire and annually thereafter. Promote heightened awareness of security and privacy threats and understanding of new and existing compliance issues and related policies and procedures.
  • Maintain current knowledge of applicable federal and state privacy laws and HITRUST certification standards. Monitor advancements in information and cloud security and privacy technologies to ensure organizational adaptation and compliance.
  • Support MOBE's legal department through research of company-wide regulatory requirements and develop related compliance programs.
  • Lead internal, client and third-party certification audits, penetration tests and vulnerability assessments.
  • Responsible for management of the Security and Compliance Administrator and the Security and Compliance Analyst and oversight of their functions.
  • Other duties as assigned to help drive to our Vision, fulfill our Mission, and abide by MOBE's Guiding Principles.
 
Position Requirements

Required:

  • Bachelor’s degree in Information Security, Data or Information Science, or related discipline or equivalent
  • 7 – 10 year track record of progressive experience in information security, compliance, privacy and risk management, including vendor management
  • Experience designing, implementing, and leading security, privacy and risk management programs in a healthcare environment
  • Comprehensive understanding of information security and IT controls, penetration and vulnerability scanning, and cloud provider security concerns
  • Working knowledge of security testing and auditing, intrusion detection, SIEM, NAC, MDM, and other state-of-the-art security tools
  • Ability to present analysis and recommendations in a clear and compelling manner to both technical and nontechnical audiences, including executive management
  • Outstanding communication, interpersonal, and relationship-building skills; the ability to work well in a cross-functional environment
  • Organized, responsive, and engaged problem-solving mindset and approach
  • Experience with Medicare, Medicaid, TRICARE or other government programs
  • In-depth knowledge of legal, regulatory and industry security requirements and frameworks:
    • National Institute of Standards and Technology (NIST)
    • International Organization for Standards (ISO/IEC 27001)
    • Health Insurance Portability and Accountability Act (HIPAA) and HITRUST; HITECH

Preferred:

  • Master’s degree or JD
  • Current CISSP, CHC, CISM, CIPP/US or similar industry-related certification
  • Experience with the HITRUST Certification and audit process highly desirable

Guiding Principles: We want employees who are kind, talented and committed, who live by our guiding principles and choose to work at MOBE because of these principles.

  • Care about people. We only succeed in our mission because we take good care of our own with the same energy, empathy and expertise we bring to the MOBE program. We honor who people are at work and outside of work.
  • Attitude counts. Our people believe in a friendly, human approach to helping people with their health and enjoy a culture built on trust, positivity, and well-being.
  • Do good together. As a mission-based organization, we need people who like to collaborate and are energized by doing good things.
  • Believe in the power of human potential. We need people who want opportunities for personal growth and believe in making a difference in the health care space, person by person.
  • Embrace new ideas. As a high-growth organization, we need people who have the energy and flexibility to innovate and evolve with our program.
  • Apply learnings. We learn by doing, and we’re going to get better at helping people by being able to anticipate their needs. We need people who embrace continuous improvement and are dedicated to delivering results.
  • Be relentless in the pursuit of awesome. MOBE offers a unique opportunity to help others lead more fulfilling, enjoyable lives. We need people who are ready to embrace this mission.
 
Full-Time/Part-Time -unspecified-  
EOE Statement

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.
Location Minneapolis  

This position is currently not accepting applications.

To search for an open position, please go to http://mobellc.appone.com


