×
Register Here to Apply for Jobs or Post Jobs. X

IT Security Governance Officer

Job in Rockville, Montgomery County, Maryland, 20849, USA
Listing for: DOMA Technologies
Full Time position
Listed on 2026-07-11
Job specializations:
  • IT/Tech
    Information Security, Cybersecurity, IT Consultant
Salary/Wage Range or Industry Benchmark: 120000 - 180000 USD Yearly USD 120000.00 180000.00 YEAR
Job Description & How to Apply Below

Overview

At Commence, we’re the start of a new age of data‑centric transformation, elevating health outcomes and powering more efficient patient and program health processes. We combine quality data‑driven solutions that fuel answers, technology that advances performance, and clinical expertise that builds trust to create a more efficient path to quality care. With human‑centered, healthcare‑relevant, and value‑based solutions, we create new possibilities with data.

We provide proof beyond the concept and performance beyond the scope, with a focus on efficiencies that transform the lives of those we serve. With a culture driven by purpose, straightforward communication, and clinical domain expertise, Commence cuts straight to better care.

Requirements
  • Learn, document, and implement Federal and CMS information security controls in compliance with CMS IS2P2, FISMA, FedRAMP, HIPAA, and all applicable CMS security policies and procedures.
  • Disseminate and implement IT policy that aligns with CMS requirements; provide interpretation of current policies in response to inquiries or specific incidents.
  • Oversee Security Assessment and Authorization (SA&A) process, including development and maintenance of the System Security Plan (SSP), Plan of Action and Milestones (POA&M), and related ATO documentation.
  • Ensure all contractor personnel complete required CMS Information Security Awareness, Privacy, and Records Management training annually; maintain training records per CMS procedures.
  • Manage compliance with CMS encryption standards, FIPS 140 requirements, asset inventory, configuration management, vulnerability scanning, and patch remediation timelines per CMS policy.
  • Serve as primary liaison to CMS on all information security and privacy matters; respond to security incidents within required time frames and coordinate with the CMS Incident Response Team (IRT) as directed.
  • Oversee Data Use Agreement (DUA) processes and ensure compliance with CMS data access policies through the Enterprise Privacy Policy Engine (EPPE) system.
  • Maintain a complete and current inventory of all IT assets and ensure devices meet CMS and HHS‑specific encryption and configuration standards.
  • Support CMS audits, security assessments, and annual performance reviews; allow government access to facilities, systems, and personnel as required.
Qualifications
  • Minimum 5 years of combined work experience, with at least 3 of those years in the healthcare industry supporting either Federal Government agencies or commercial healthcare market in a role such as CIO, Information Technology Manager, Chief Technology Officer, or Network Administrator.
  • Knowledge of the Medicare Fee‑for‑Service (FFS) program and familiarity with CMS information security requirements, including FISMA, FedRAMP, HIPAA, CMS IS2P2, and the CMS Business Partner System Security Manual (BPSSM).
  • Bachelor’s degree in Information Systems, Computer Science, or other related technology field required. Relevant work experience in a related field may be considered in lieu of a bachelor's degree.
Preferred Qualifications
  • Prior IT security governance or CIO‑equivalent leadership experience on a CMS contract with demonstrated knowledge of CMS Security Assessment and Authorization (SA&A) processes.
  • Relevant certification such as CISSP, CISM, CISA, or equivalent information security credential.
  • Experience managing FedRAMP authorization packages and working with third‑party assessment organizations (3

    PAOs) for moderate‑impact federal systems.
  • Familiarity with CMS esMD, RACDW, IDR, and other CMS‑designated data systems used in Medicare medical review operations.
#J-18808-Ljbffr
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary