Director of IT Governance, Risk, & Compliance
GenesisCare, USA Fort Myers, FL
- Expired: over a month ago. Applications are no longer accepted.
Director of IT Governance, Risk, & Compliance
Information Security Governance Director
About this opportunity:
GenesisCare has an open Director level position with responsibility for our Information Security Governance efforts. In this role, you will be responsible for Governance, Risk, and Audit functions and will report to the Chief Information Security Officer. The successful candidate will possess a strong technical aptitude, a broad knowledge of information security processes, keen attention to detail, and an appetite for continuous learning and growth.Your key responsibilities:
The Information Security Governance Director is a direct report of the Chief Information Security Officer and a critical member of the IT Security Management team. This individual is responsible for partnering with the CISO and working closely with other stakeholders to manage an enterprise-wide information governance and risk management program. You will work with your team members and others across IT, Legal, Compliance, and Privacy to manage the implementation of the company’s Governance, Risk, and Compliance tool, maintain a robust set of policy documents that define the company’s policies, standards, and procedures, and direct the Information Security Audit efforts.
The Information Security Governance Director will:
- Support and manage the enterprise IT control framework as well as work with IT stakeholders on corresponding policies, procedures, and standards
- Monitor regulatory and internal requirements to ensure they are socialized and included in policy as needed
- Represent the information security program during contract negotiations. Participate in and oversee Third-Party Risk Assessment activities of prospective and existing vendors on a regional and global scale
- Oversee the implementation of process automation using the company’s GRC tool
- Oversee risk management and maintain the IT risk register
- Serve as a subject matter expert to the business in providing security risk process guidance
- Lead the development, review, and approval efforts for company IT Security policies, including serving as chair of the IT Policy Steering Committee
- Develop and implement a comprehensive policy security awareness training program
- Develop dashboards and other performance metrics to maintain accurate and timely visibility into the status of the security governance, risk remediation, and audit compliance efforts
- Be available to participate in the review of security incidents to determine root cause and recommend appropriate actions and preventative measures
- Oversee the selection, implementation, and management of an Identity and Access Management system
- Collaborate with staff to manage workload, ensure integration points are identified, cross-functional impacts are understood and documented, and conduct risk analysis and mitigation related to project delivery
- Contribute to disaster recovery planning and the development of IT business continuity plans
- Bachelor’s degree in Computer Science, Computer or Network Engineering, Information Security or equivalent work experience required
- Minimum of 5 year of experience in information technology, with broad technology and support experience
- Knowledge of common security regulations/frameworks; the HIPAA Security
Rule and NIST Cybersecurity Framework preferred and experience conducting assessments against these framework
- Experience with implementation of common Cybersecurity practices and principle
- In-depth knowledge of Windows operating systems, Active Directory, network and security fundamentals and system hardening. Prefer experience with Office365 security controls
- Knowledge of security governance operations and the ability to appropriately respond to security incidents
- At least one Security, Risk or IT certification:
o Certified Information System Security Professional (CISSP)
o Health Care Information Security Privacy Practitioner (HCISPP)
o Certified Information Security Manager (CISM)
o Certified Information Systems Auditor (CISA)
o Certified in Risk and Information Systems Control
o Certified Ethical Hacker
Across the world, GenesisCare has more than 440 centers offering the latest treatments and technologies that have been proven to help patients achieve the best possible outcomes. That includes 300 centers in the US as well as 14 centers in the U.K., 21 in Spain and 36 in Australia. We also offer urology and pulmonology care in the U.S. through our integrated medical offices. Every year our team of more than 5,000 employees see more than 400,000 people globally.
Our purpose is to design care experiences that get the best possible life outcomes. Our goal is to deliver exceptional treatment and care in a way that enhances every aspect of a person’s cancer journey.
Joining the GenesisCare team means a commitment to seeing and doing things differently. People centricity is at the heart of what we do—whether that person is a patient, a referring doctor, a partner or someone in our team. We aim to build a culture of ‘care’ that is patient focused and performance driven.
GenesisCare is an Equal Opportunity Employer that is committed to diversity and inclusion.
AddressFort Myers, FL
TechnologyView all jobs at GenesisCare, USA