Manager IT-Cybersecurity Compliance

Manager Cyber Security Compliance

Location:

Norfolk, VA

Work Shift:

First (Days)

The Manager Cyber Security Compliance is responsible for establishing and maintaining the overall cyber security compliance program. This position will lead a team of cyber security compliance professionals by enabling a holistic compliance framework and assurance readiness for regulations, standards, and contract obligations within Sentara Healthcare. Managing and reporting on cyber security compliance in a manner that meets Sentara Healthcare's requirements.

Reporting to the Director of GRC in Cyber Security, this leader ensures compliance against regulatory, industry and contractual requirements. Further, set the strategy and drive effective process, methodology and technology solutions to support the cyber defense of Sentara Healthcare, focusing on continuous improvement, data protection, governance, risk management, and mitigation.

As a domain expert in compliance and assurance, engage at management and technical levels to develop/refine strategy, identify control breakdowns, risks, and opportunities to deliver a comprehensive and robust compliance function. In addition, elevate how we engage with business and technology control owners. Establish a framework and process to execute readiness assessments for compliance against cyber security standards and requirements.

• Lead team of cyber security compliance professionals to measure compliance against a broad range of control requirements, both internally and externally.
• Ownership of cyber security compliance strategy, programs and related initiatives including regulatory audits and compliance management, controls testing, medical device security, metrics and risk and performance indicators.
• Understand key security and compliance frameworks including but not limited to HIPAA, HICP 405(d), NIST
  800-171, SOC2, ISO
  27001, and laws/regulations.
• Manage compliance initiatives to ensure control effectiveness with applicable laws and regulations, as well as internal policies and procedures.
• Monitor activities of assigned IT areas to ensure control assurance of internal policies and standards.
• Participate in the development and implementation of new business initiatives involving compliance to ensure functionality required to support required compliance.
• Provide guidance to business functions on compliance/security-related matters and lead investigations.
• Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate corrective actions process for ownership and timely remediations.
• Initiate improvement activities to reduce risk, ensure compliance, lower cost, and improve quality within IT processes.
• Refine and revise existing policies

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (Preferred)

OR

• 7+ years in a cyber security management role, preferably in Governance, Risk or Compliance without a Bachelor's Degree (Required)

• CISSP (Certified Information Systems Security Professional)(Preferred)
• CISM (Certified Information Security Manager)(Preferred)
• CRISC (Certified in Risk and Information Systems Control)(Preferred)
• CISA (Certified Information Systems Auditor)(Preferred)

Caring For Your Family and Your Career Medical, Dental, Vision plans Adoption, Fertility and Surrogacy Reimbursement up to $10,000 Paid Time Off and Sick Leave Paid Parental & Family Caregiver Leave Emergency Backup Care Long-Term, Short-Term Disability, and Critical Illness plans Life Insurance 401k/403B with Employer Match Tuition Assistance $5,250/year and discounted educational opportunities through Guild Education Student Debt Pay Down $10,000 Reimbursement for certifications and free access to complete CEUs and professional development Pet Insurance Legal Resources Plan Colleagues have the opportunity to earn an annual discretionary bonus if established system and employee eligibility criteria is met.

Sentara Health is an equal opportunity employer and prides itself on the diversity and inclusiveness of its close to an almost 30,000-member workforce. Diversity, inclusion, and belonging is a guiding principle of the organization to ensure its workforce reflects the communities it serves.

In support of our mission "to improve health every day," this is a tobacco-free environment.

For positions that are available as remote work, Sentara Health employs associates in the following states:
Alabama, Delaware, Florida, Georgia, Idaho, Indiana, Kansas, Louisiana, Maine, Maryland, Minnesota, Nebraska, Nevada, New Hampshire, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, Washington, West Virginia, Wisconsin, and Wyoming.