Analyst, Cyber Security Incident Response

Mosaic Health is a national care delivery platform focused on expanding access to comprehensive primary care for consumers with coverage across Commercial, Individual Exchange, Medicare, and Medicaid health plans. The Business Units which comprise Mosaic Health are multi-payer and serve nearly one million consumers across 19 states, providing them with access to high quality primary care, integrated care teams, personalized navigation, expanded digital access, and specialized services for higher-need populations. Through Mosaic Health, health plans and employers have an even stronger care provider partner that delivers affordability and superior experiences for their members and employees, including value-based primary care capacity integrated with digital patient engagement and navigation. Each of the companies within Mosaic Health provide unique offerings that together promise to improve individuals' health and wellbeing, while helping care providers deliver higher quality care. For more information, please visit www.mosaichealth.com or follow Mosaic Health on LinkedIn.

Formed in 2008 and headquartered in Fort Myers, Florida, with offices in Florida, North Carolina, and Texas, Millennium Healthcare is the largest independent physician group in the state of Florida and one of the largest in the United States. At Millennium Physician Group, our employees are the foundation of our success. Our promise is to provide you with the tools to do your job successfully, as well as providing a team atmosphere that empowers you to seek better ways to deliver care to our patients and their families. We also promise to care for you as an individual and help you grow in your role.

The Analyst, Cyber Security Incident Response will support all business units within Mosaic Health and is responsible for handling privacy related investigations, incidents, ensuring compliance with data protection regulations. This role includes duties such as analyzing security alerts, assisting with risk assessments and data protection designs.

Responsibilities

• Assess privacy-related alerts, investigations and incidents (e.g., unauthorized access, data leaks).
• Work with security teams to analyze logs and alerts for privacy concerns.
• Enforce privacy policies and procedures to protect patient data.
• Assist with risk assessments to identify vulnerabilities in data handling and storage.
• Coordinate cross teams to implement measures to mitigate identified risks and improve data security.
• Contribute to the development and maintain a security incident response plan for data privacy incidents.
• Lead privacy investigations and work across teams to mitigate issues.
• Maintain detailed incident records for audits and meet legal requirements.
• Develop playbooks for handling privacy investigations and incidents.
• Assist in breach notifications and reporting to regulatory authorities as required.
• Oversee data governance processes to ensure that data is handled according to privacy policies.
• Stay current with privacy regulations and laws.
• Prepare reports for management on the status of data privacy incidents or violations.
• Collaborate with legal, IT, and compliance teams to ensure integrated data protection efforts.
• Serve as a point of contact for privacy-related inquiries and communications.
• Support privacy awareness training for employees.
• Demonstrate excellent guest service to internal team members and patients.
• Perform other related duties as assigned.

Qualifications

• Bachelor's degree in information technology, Cyber security, or a related field.
• Experience of 2+ years in data privacy, cyber security, or a related field, preferably within the healthcare industry.
• Familiarity with healthcare systems and understanding of how patient data is used and stored.
• Relevant certifications such as Certified in Healthcare Privacy Compliance (CHPC), Certified in Healthcare Compliance (CHC), Certified Information Privacy Professional (CIPP).
• Strong understanding of data protection regulations and their application in the healthcare sector.
• Excellent analytical and problem-solving skills, with the ability to identify and manage risks.
• Strong communication and interpersonal skills for training and collaboration with various departments.
• Ability to manage confidential information with discretion.
• Familiarity with cybersecurity tools and technologies used to protect data.
• Familiarity with Microsoft tools
• Understanding data encryption, network security, and secure data handling practices.
• A commitment to providing excellent service to internal team members and patients.
• High level of professionalism and integrity in all interactions.
• Ability to work independently in a fast-paced, cross-functional environment.

Physical Demands

• Sedentary work. Exerting up to 10 pounds of force occasionally and/or negligible amount of force frequently or constantly to lift, carry, push, pull, or otherwise move objects. Repetitive motion. Substantial movements (motions) of the wrists, hands, and/or fingers. The worker must have close visual acuity to perform an activity such as: preparing and analyzing data and figures; transcribing; viewing a computer terminal; extensive reading. Ability to lift to 15 lbs. independently not to exceed 50 lbs. without help.

Equal Employment Opportunity

• Mosaic Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws.
• If you require an accommodation for the application or interview process, please let us know and we will work with you to meet your needs. Please contact HRbenefits@mpgus.comfor assistance.