Leader for at least 5-10 years. Has built teams, lead teams and grown teams.
Need someone able to influence and direct. Involvement with legal and privacy office, HR, broad range of stakeholders.
Need exp with governance coupled with privacy piece – Need to understand data, and data minimization, When to move data/protect it; will be creating governance framework, policy, standards, history, etc.
Experience with various industry regulations and frameworks (PCI, HIPAA, Data Privacy Laws, ISO27001/2, NIST, HITRUST, etc.)
Experience with GRC tools such as Service Now, Archer, etc.
Experience Working In a Highly Regulated Environment.
Experience in information security and governance with increasing responsibilities.
Strong background in security controls, auditing, network and system security.
Ability to express complex technical concepts in business terms.
Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change.
Regularly interact with all levels of management to present and discuss control effectiveness.
Review and coordinate changes to cyber security policies, procedures, and standards.
Sr. Manager – Cyber Security & Privacy Governance
The Sr. Manager – Cyber Security & Privacy Governance is responsible to drive a clear, efficient, and effective strategy for Sentara Healthcare’s technology policies, standards, and industry certifications. This leader will design, implement, and operationalize policy, standards and processes mitigating technology risks. In addition, managing and reporting on cyber security governance in a manner that meets Sentara Healthcare’s requirements. Reporting directly to the Chief Information Security Officer, this leader will work proactively across a broad range of business lines, regions, and stakeholders to implement practices that meet Sentara Healthcare’s defined policies and standards.
Essential Responsibilities
As a leader who enjoys solving complex issues and collaborating with key internal and external stakeholders, you will be accountable for driving the successful implementation of an innovative and effective cyber security and privacy governance program.
Primary Responsibilities
Lead team of cyber security and privacy governance professionals to set standards and processes to mitigate information and technology risks for Sentara Healthcare.
Establish and maintain a Governance framework for all Sentara Healthcare businesses, markets and regions addressing regulatory, industry and contractual obligations.
Establish primary oversight objectives and goals for information and technology governance by building strategic alignment, performance management, value delivery and risk management capabilities.
Develop and maintain standard processes for evaluating business and consumer risks supporting the Sentara Healthcare Cyber Security Management System.
Partner with key industry peers to conduct benchmarking exercises to provide perspective on Sentara Healthcare maturity and to proactively implement best practices.
Implement a regulatory monitoring program to evaluate impact of regulatory changes across the technology landscape and report periodically to business leadership on progress against requirements.
Evaluate and communicate cyber security & privacy risks and solutions to business leadership.
Maintain metrics, reporting and tracking program to ensure processes working as designed and risks are being tracked.
Align with cross functional teams to define & implement data protection and governance processes and technologies.
Work as a partner with Sentara Healthcare risk leaders and end users to evaluate/improve business processes, and arrive at mutual, budget-conscious, solutions; act as a change agent for business processes.
Manages the Cyber Security Awareness program, including LMS course content management, phishing assessment oversite, MAC compliance for associates and contractors, and ongoing cyber security awareness event coordination.
Oversee day to day operations and continue to design and develop the governance strategy.
Desired Characteristics
Experience leading and influencing cross-functional teams/projects.
Demonstrated customer focus – evaluates decisions through the eyes of the customer; builds strong customer relationships and creates processes with customer viewpoint.
Strong analytical skills – strong problem-solving skills, communicates in a clear and succinct manner and effectively evaluates information/data to make decisions; anticipates obstacles and develops plans to resolve.
Change oriented – actively generates process improvements; supports and drives change and confronts difficult circumstances in creative ways. Self-motivated, self-directed, flexible, and able to work under pressure and in fast paced team environment.
Demonstrated ability to lead and motivate staff and to apply skills and techniques to solve dynamic problems.
Strong problem solving, prioritization, presentation, and facilitation skills with the ability to make recommendations to all levels of the organization.
Strong functional team player with experience working seamlessly across a matrix structure.
Excellent interpersonal, written/verbal communication and leadership skills with the ability to make recommendations to all levels of the organization.
Experience with project management and execution of multiple simultaneous and / or large projects.
Agile, LEAN or Six Sigma experience.
Requirements
Experience with various industry regulations and frameworks (PCI, HIPAA, Data Privacy Laws, ISO27001/2, NIST, HITRUST, etc.)
Experience with GRC tools such as Service Now, Archer, etc.
Experience working in a highly regulated environment.
Experience in information security and governance with increasing responsibilities.
Strong background in security controls, auditing, network and system security.
Ability to express complex technical concepts in business terms.
Organized and detail-oriented, able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently.
Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change.
Regularly interact with all levels of management to present and discuss control effectiveness.
Review and coordinate changes to cyber security policies, procedures, and standards.
Seniority level
Mid-Senior level
Employment type
Contract
Job function
Finance and Sales
Industries
Staffing and Recruiting
Referrals increase your chances of interviewing at HireKeyz Inc by 2x