Cyber Security Governance & Policy Specialist

Mosaic Health is a national care delivery platform focused on expanding access to comprehensive primary care
for consumers with coverage across Commercial, Individual Exchange, Medicare, and Medicaid health plans.
The Business Units which comprise Mosaic Health are multi-payer and serve nearly one million consumers
across 19 states, providing them with access to high quality primary care, integrated care teams, personalized
navigation, expanded digital access, and specialized services for higher-need populations. Through Mosaic
Health, health plans and employers have an even stronger care provider partner that delivers affordability and
superior experiences for their members and employees, including value-based primary care capacity
integrated with digital patient engagement and navigation. Each of the companies within Mosaic Health
provide unique offerings that together promise to improve individuals' health and wellbeing, while helping
care providers deliver higher quality care. For more information, please visit www.mosaichealth.com or
follow Mosaic Health on LinkedIn.

Formed in 2008 and headquartered in Fort Myers, Florida, with offices in Florida, North Carolina, and Texas,
Millennium Healthcare is the largest independent physician group in the state of Florida and one of the largest
in the United States. At Millennium Physician Group, our employees are the foundation of our success. Our
promise is to provide you with the tools to do your job successfully, as well as providing a team atmosphere
that empowers you to seek better ways to deliver care to our patients and their families. We also promise to
care for you as an individual and help you grow in your role.

The Cyber Security Governance & Policy Specialist will support all business units within Mosaic Health and is responsible for
developing and overseeing the implementation of cyber security policies and governance frameworks. This
role ensures that all security policies comply with healthcare regulations and industry standards, such as HIPAA,
and are effectively integrated into the organization's operations. The specialist works collaboratively to
enhance the organization's cyber security posture and protect sensitive patient data. This position involves
strategic planning, cross-departmental collaboration, and providing guidance on regulatory compliance and
risk management.

Responsibilities

• Develop, review, and maintain security policies, standards, and procedures to ensure compliance with
regulatory requirements.
• Ensure policies are aligned with regulatory requirements (e.g., HIPAA) and best practices.
• Implement governance frameworks and systems that align with industry best practices.
• Monitor compliance with healthcare laws, regulations, and accreditation standards.
• Lead security certification processes that include HIPAA, PCI, etc.
• Collaborate with teams to develop policies and drive ongoing improvements to reduce security risks.
• Provide leadership and strategic direction to the governance team, fostering a collaborative
environment.
• Provide guidance and support management and staff on governance-related matters.
• Serve as a liaison with regulatory bodies and external auditors.
• Promote a culture of compliance and ethical behavior across the organization.
• Track and report on governance performance metrics and key performance indicators (KPIs).
• Analyze data to identify trends and areas for improvement.
• Collaborate with stakeholders to ensure alignment with governance objectives.
• Facilitate communication and reporting to the board of directors or governance committees.
• Work cross-functionally to integrate cyber security policies into business processes.
• Develop and oversee the implementation of incident response policies, plans, and procedures.
• Develop and implement training programs to educate staff on cyber security policies and best
practices.
• Foster a culture of security awareness throughout the organization.
• Monitor the effectiveness of cyber security policies and governance frameworks.
• Prepare and present reports on policy compliance and cyber security posture to senior management.
• Perform other related duties as assigned.
• Demonstrate excellent guest service to internal team members and patients.
• Perform other related duties as assigned.

Qualifications

• Bachelor's degree in computer science, Information Technology, Cyber security, or a related field.
• Advanced degrees or specialized certifications in cyber security or healthcare compliance are
advantageous.
• Extensive experience in cyber security policy development and management,
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified
Information Security Manager (CISM), or Certified Information Privacy Professional (CIPP/US) are
beneficial.
• Strong understanding of healthcare regulations (e.g., HIPAA) and cyber security frameworks (e.g.,
NIST, ISO 27001).
• Excellent leadership, analytical, and problem-solving skills.
• Strong communication and interpersonal skills, capable of conveying complex security concepts to
diverse stakeholders.
• Understanding of IT infrastructure, data protection technologies, and network security in a
healthcare context.
• Ability to work independently in a fast-paced, cross-functional environment.
• A commitment to providing excellent service to internal team members and patients.
• High level of professionalism and integrity in all interactions.
• Ability to work independently in a fast-paced, cross-functional environment.

Physical Demands

• Sedentary work. Exerting up to 10 pounds of force occasionally and/or negligible amount of force
frequently or constantly to lift, carry, push, pull, or otherwise move objects. Repetitive motion.
Substantial movements (motions) of the wrists, hands, and/or fingers. The worker must have close
visual acuity to perform an activity such as: preparing and analyzing data and figures; transcribing;
viewing a computer terminal; extensive reading. Ability to lift to 15 lbs. independently not to exceed
50 lbs. without help.

Equal Employment Opportunity

• Mosaic Health is an Equal Employment Opportunity employer and all qualified applicants will receive
consideration for employment without regard to age, citizenship status, color, creed, disability,
ethnicity, genetic information, gender (including gender identity and gender expression), marital
status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or
condition protected by applicable federal, state, or local laws.
• If you require an accommodation for the application or interview process, please let us know and we
will work with you to meet your needs. Please contact HRbenefits@mpgus.com for assistance.