Description
Director Security Compliance Job Description
Title: Director of Security Compliance
Location: Remote
Status: Full-time, Exempt
Education: Bachelor’s Degree
Clarvida is one of the largest providers of community-based behavioral health and social
services. At Clarvida, we deliver exceptional value by creating healthier communities
through the work of exceptional people.
As the Director of Security Compliance, you are a born leader with a passion for
compliance, with strong communication skills and excellent people management
abilities. Reporting directly to the AVP of Compliance, the Director of Security
Compliance will be expected to oversee regulatory and policy compliance governing
data access and use, dissemination, and protection.
Job Summary:
• Overseeing, managing, and maintaining the Security Compliance program, and
its staff, including, but not limited to, conducting outreach and education, system
monitoring and audits, investigations, analyzing data, preparing dashboards and
necessary reports, HIPAA security monitoring, working with outside vendors to assess
risk, resolving non-compliance concerns, and providing guidance/recommendations
Level Summary:
• Demonstrates advanced skills in critical functions related to unit's success.
Demonstrates advanced knowledge of emerging security, cyber security and HIPAA
security related technologies and processes which includes the use of AI and
associated risk. Monitors completed work of others to ensure effectiveness and
adherence to requirements. Sets clear expectations and holds team accountable.
Establishes a shared team/unit vision. Demonstrates ability to evaluate and enhance
team/unit practices that promote a strong commitment to inclusionary practices.
Coaches others using appropriate strategies. Demonstrates diplomacy. Demonstrates
ability to serve as liaison between senior-level management and staff. Resolves
complex, controversial, or unprecedented issues and problems.
Problem Solving:
• Encounters and works to resolve highly varied and complex problems that
impact the team and possibly the unit
• Develops creative and/or novel approaches to resolve problems that are difficult
in nature
• Independently resolves complex and/or unprecedented issues and problems
Independence of Action:
• Ability to develop creative solutions and exercise good judgment when there isn’t
a clearly defined result for a task or project.
• Works with AVP of Compliance to develop goals and determines how to
accomplish results
• Monitors completed work of others to ensure soundness of approach,
effectiveness of meeting requirements, the feasibility of recommendations and
adherence to requirements
• Works collaboratively with the IT Team to resolve issues
Communication and Collaboration:
• Communicates with both internal and external audiences
• Collaborates closely with team members and various areas across the
organization
• Fosters collaboration between units and engages others’ coordinated efforts to
reach desired outcomes with broad scope
Representative Duties:
• Oversee the Security Compliance Program; assure compliance with relevant
privacy and security regulations, policies, procedures, and guidelines including the
General Data Protection Regulation, Health Insurance Portability and Accountability
Act, and Gramm-Leach-Bliley Act, Artificial Intelligence regulations, etc.
• Educate, advise and guide on compliance with data use, dissemination and
protection
• Develop privacy and security compliance monitoring policies; establish goals and
objectives; identify successful program indicators
• Keep abreast of changing regulatory requirements and organizational demands
impacting privacy and security; disseminate information
• Develop and implement outreach and educational programs; instruct on security
and cyber requirements, policies, and best practices
• Manage/conduct internal security and cyber audits and inspections; maintain
records; prepare reports detailing observations, risks, recommendations; make
appropriate notifications; provide instruction/guidance to resolve non-compliance
findings
• Prepare workforce members for payor, grantor, accrediting body, and regulatory
authority security compliance audits and inspections; conduct security
pre-audit/inspection interviews and record reviews identifying areas of concern; prepare
reports and provide advice
• Assist with hiring employees; train, coach, supervise, and evaluate employees;
identify and provide professional development opportunities
• Lead all Security Compliance and certification maintenance activities (spanning
multiple services, business units and geographies)
• Serve as HIPAA Security Officer for the organization
• Maintain required industry certifications or attain required certifications within
one year of start date
What it takes:
• 10 years of industry experience with at least 5 years of direct compliance
security, IT security or IT infrastructure experience
• Security compliance management and/or risk management experience preferred
• Bachelor's Degree in Information Technology, Computer Sciences, or related
field. (will consider waiver in lieu of experience)
• Experience with some or all of the following: SOX, HIPAA, NIST standards
• Good grasp of general information technology concepts (e.g. Operations
Management)
• Industry security compliance (CSCS) or information security certifications (CIA,
CISA) preferred
• Industry HIPAA Privacy and/or Security certification (e.g. CHP) preferred
• Attention to detail
• Understanding of risk management and assessment
• Knowledge of compliance regulations and standards
• Strong analytic skills with good working knowledge of Excel, SmartSheet and/or
DOMO
• Strong people, collaboration, communication (both verbal and written) and time
management skills
• Ability to manage multiple large & complex initiatives simultaneously
• Ability to travel periodically, as required by job responsibilities