×
Register Here to Apply for Jobs or Post Jobs. X

Chief Information Officer; CIO

Job in Virginia Beach, Virginia, 23450, USA
Listing for: Commence
Full Time position
Listed on 2026-06-29
Job specializations:
  • IT/Tech
    Information Security, Cybersecurity, IT Consultant, IT Project Manager
Salary/Wage Range or Industry Benchmark: 150000 - 200000 USD Yearly USD 150000.00 200000.00 YEAR
Job Description & How to Apply Below
Position: Chief Information Officer (CIO)

Chief Information Officer (CIO)

At Commence, we're the start of a new age of data-centric transformation, elevating health outcomes and powering better, more efficient process to program and patient health. We combine quality data-driven solutions that fuel answers, technology that advances performance, and clinical expertise that builds trust to create a more efficient path to quality care.

With human-centered, healthcare-relevant, and value-based solutions, we create new possibilities with data. We provide proof beyond the concept and performance beyond the scope with a focus on efficiencies that transform the lives of those we serve. With a culture driven by purpose, straightforward communication and clinical domain expertise, Commence cuts straight to better care.

Requirements

The Chief Information Officer (CIO) oversees the organization's compliance with CMS information security requirements. The CIO serves as the primary point of accountability for the program's information security program, ensuring that all federal and CMS-specific IT security policies are implemented, documented, and enforced across all contract operations. This role requires deep familiarity with federal information security frameworks and direct experience in the healthcare IT environment supporting government programs.

  • Learn, document, and implement Federal and CMS information security controls in compliance with CMS IS2P2, FISMA, FedRAMP, HIPAA, and all applicable CMS security policies and procedures.
  • Disseminate and implement IT policy that aligns with CMS requirements; provide interpretation of current policies in response to inquiries or specific incidents.
  • Oversee the Security Assessment and Authorization (SA&A) process, including development and maintenance of the System Security Plan (SSP), Plan of Action and Milestones (POA&M), and related ATO documentation.
  • Ensure all contractor personnel complete required CMS Information Security Awareness, Privacy, and Records Management training annually; maintain training records per CMS procedures.
  • Manage compliance with CMS encryption standards, FIPS 140 requirements, asset inventory, configuration management, vulnerability scanning, and patch remediation timelines per CMS policy.
  • Serve as primary liaison to CMS on all information security and privacy matters; respond to security incidents within required time frames and coordinate with the CMS Incident Response Team (IRT) as directed.
  • Oversee Data Use Agreement (DUA) processes and ensure compliance with CMS data access policies through the Enterprise Privacy Policy Engine (EPPE) system.
  • Maintain a complete and current inventory of all IT assets and ensure devices meet CMS and HHS-specific encryption and configuration standards.
  • Support CMS audits, security assessments, and annual performance reviews; allow government access to facilities, systems, and personnel as required.
Qualifications
  • Minimum 5 years of combined work experience, with at least 3 of those years in the healthcare industry supporting either Federal Government agencies or commercial healthcare market in a role such as CIO, Information Technology Manager, Chief Technology Officer, or Network Administrator.
  • Knowledge of the Medicare Fee-for-Service (FFS) program and familiarity with CMS information security requirements, including FISMA, FedRAMP, HIPAA, CMS IS2P2, and the CMS Business Partner System Security Manual (BPSSM).
  • Bachelor's degree in Information Systems, Computer Science, or other related technology field required. Relevant work experience in a related field may be considered in lieu of a bachelor's degree.
Preferred Qualifications
  • Prior CIO or IT security leadership experience on a CMS contract with demonstrated knowledge of CMS Security Assessment and Authorization (SA&A) processes.
  • Relevant certification such as CISSP, CISM, CISA, or equivalent information security credential.
  • Experience managing FedRAMP authorization packages and working with third-party assessment organizations (3

    PAOs) for moderate-impact federal systems.
  • Familiarity with CMS esMD, RACDW, IDR, and other CMS-designated data systems used in Medicare medical review operations.
#J-18808-Ljbffr
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary