Manager, IT Risk Assurance & Compliance

Who We Are

Point32Health is a leading not-for-profit health and well-being organization dedicated to delivering high-quality, affordable healthcare. Serving nearly 2 million members, Point32Health builds on the legacy of Harvard Pilgrim Health Care and Tufts Health Plan to provide access to care and empower healthier lives for everyone. Our culture revolves around being a community of care and having shared values that guide our behaviors and decisions. We’ve had a long-standing commitment to inclusion and equal healthcare access and outcomes, regardless of background; it’s at the core of who we are. We value the rich mix of backgrounds, perspectives, and experiences of all of our colleagues, which helps us to provide service with empathy and better understand and meet the needs of the communities where we serve, live, and work. 

We enjoy the important work we do every day in service to our members, partners, colleagues and communities. Learn more about who we are at Point32Health.

Job Summary

The Manager, Cyber & Information Security, will report into the Director, Cyber & Information Security and is responsible for leading a team of staff and analyzing the information security environment for Point32Health and developing security measures to safeguard the confidentiality, integrity, and availability of information. The manager will work closely with other managers/directors across Cyber & Information Security, as well as partners across IT, and the broader Point32Health business. Will be responsible for having expertise and leading adoption of cyber-security systems

Job Description

DUTIES/RESPONSIBILITIES – what you will be doing (top five):

• Manage staff including supervision, assigning work, professional development, performance evaluation, recruitment, and coaching/mentoring.
• Provide coaching, constructive feedback and direction to staff to ensure successful achievement of projects and initiatives.
• Monitor staff workloads to assist in resource allocation and ensure deliverable dates are met
• Develop procedures and guidelines to support consistent delivery of services
• Consult with other Cyber & Information Security colleagues to continuously evaluate and implement security solutions
• Communicate potential security concerns/exposures to appropriate leadership Will be responsible for having expertise and leading adoption of cyber-security systems.
• Coordinate and collaborate with business organizations and other IT groups to ensure quality solutions are delivered within project timelines.
• Engage in ongoing communications with peers in the IT groups as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster cooperation.
• Maintain up-to-date knowledge of the cyber and information security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
• Oversee the deployment, integration and configuration of all new security solutions and of any enhancements to existing security solutions in accordance with industry-leading practices generically and the enterprise’s security documents specifically.
• Ensures adequate and effective technical and non-technical controls exist to meet current and future security compliance requirements found in local, state, and federal laws and regulations.
• Identify/recommend tools, processes, software, and hardware to improve or replace current security infrastructure practices, services, or technologies to meet future requirements.
• Other duties and projects as assigned.

QUALIFICATIONS – what you need to perform the job

Certification and Licensure

Education

• Required (minimum): Bachelor’s degree in cyber security, Computer Science, Risk Management, or related field preferred or equivalent experience
• Preferred: Master’s degree

Experience

• Required (minimum): 5-7 years of professional experience
• Preferred: 5-7 years’ experience in cyber security initiatives which may include some or a combination of roles in IT Security, cyber security, risk, compliance, audit, threat detection, data privacy, etc.
• Understanding of cyber-security and IT systems that may include web access management, vulnerability and scanning management, security design, operating system environments, etc.
• Experience managing a team and/or coaching team members
• Experience developing policies/procedures for security processes

Skill Requirements

• Ability to lead a team including mentoring, coaching, and motivating, providing an opportunity to learn and grow at Point32Health
• Proven track record of successfully managing projects, with a particular emphasis on handling complex assignments
• Demonstrated history of achieving customer satisfaction by effectively managing both internal and external stakeholders
• Strong relationship building skills; Must be able to work collaboratively and cooperatively as a team member and as a people manager
• Ability to influence peers and business stakeholders
• Ability to effectively lead discussions and initiatives associated with Cyber & Information Security and to actively participate in technical discussions.

WORKING CONDITIONS AND ADDITIONAL REQUIREMENTS (include special requirements, e.g., lifting, travel):

• Must be able to work under normal office conditions and work from home as required.
• Work may require simultaneous use of a telephone/headset and PC/keyboard and sitting for extended durations.
• May be required to work additional hours beyond standard work schedule.

DISCLAIMER

The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of employees assigned to this position. Management retains the discretion to add to or change the duties of the position at any time.

Salary Range

$127,920.00 -$191,880.00

Compensation & Total Rewards Overview

The annual base salary range provided for this position represents a range of salaries for this role and similar roles across the organization.  The actual salary for this position will be determined by several factors, including the scope and complexity of the role; the skills, education, training, credentials, and experience of the candidate; as well as internal equity. As part of our comprehensive total rewards program, colleagues are also eligible for variable pay. Eligibility for any bonus, commission, benefits, or any other form of compensation and benefits remains in the Company's sole discretion and may be modified at the Company’s sole discretion, consistent with the law.

Point32Health offers their Colleagues a competitive and comprehensive total rewards package which currently includes:

• Medical, dental and vision coverage

• Retirement plans

• Paid time off

• Employer-paid life and disability insurance with additional buy-up coverage options

• Tuition program

• Well-being benefits

• Full suite of benefits to support career development, individual & family health, and financial health

For more details on our total rewards programs, visit https://www.point32health.org/careers/benefits/

We welcome all
All applicants are welcome and will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

Scam Alert: Point32Health has recently become aware of job posting scams where unauthorized individuals posing as Point32Health recruiters have placed job advertisements and reached out to potential candidates. These advertisements or individuals may ask the applicant to make a payment. Point32Health would never ask an applicant to make a payment related to a job application or job offer, or to pay for workplace equipment. If you have any concerns about the legitimacy of a job posting or recruiting contact, you may contact [email protected]