Cyber Security Risk Specialist

Mosaic Health is a national care delivery platform focused on expanding access to comprehensive primary care
for consumers with coverage across Commercial, Individual Exchange, Medicare, and Medicaid health plans.
The Business Units which comprise Mosaic Health are multi-payer and serve nearly one million consumers
across 19 states, providing them with access to high quality primary care, integrated care teams, personalized
navigation, expanded digital access, and specialized services for higher-need populations. Through Mosaic
Health, health plans and employers have an even stronger care provider partner that delivers affordability and
superior experiences for their members and employees, including value-based primary care capacity
integrated with digital patient engagement and navigation. Each of the companies within Mosaic Health
provide unique offerings that together promise to improve individuals' health and wellbeing, while helping
care providers deliver higher quality care. For more information, please visit www.mosaichealth.com or
follow Mosaic Health on LinkedIn.

Formed in 2008 and headquartered in Fort Myers, Florida, with offices in Florida, North Carolina, and Texas,
Millennium Healthcare is the largest independent physician group in the state of Florida and one of the largest
in the United States. At Millennium Physician Group, our employees are the foundation of our success. Our
promise is to provide you with the tools to do your job successfully, as well as providing a team atmosphere
that empowers you to seek better ways to deliver care to our patients and their families. We also promise to
care for you as an individual and help you grow in your role.

The Cyber Risk Specialist will support all business units within Mosaic Health and is responsible for identifying,
assessing, and mitigating cybersecurity risks that could impact the organization's information systems and
patient data. This role involves collaborating with IT, security, and compliance teams to implement effective
risk management strategies while ensuring compliance with healthcare regulations such as HIPAA.

Responsibilities

• Conduct comprehensive risk assessments to identify vulnerabilities in healthcare information
systems, including electronic health records (EHRs), patient portals, and medical devices.
• Analyze potential risks, including data breaches and cyber-attacks, and assess their impact on patient
safety and privacy.
• Develop and implement risk management policies and procedures tailored to the healthcare
environment.
• Work with IT and security teams to deploy technical controls and safeguards that mitigate identified
risks, such as encryption and access controls.
• Ensure adherence to healthcare-specific regulations and standards, such as HIPAA, HITECH, and
HITRUST.
• Stay informed about changes in regulations and industry best practices, ensuring the organization
remains compliant.
• Assist in the development and execution of incident response plans specific to healthcare
cybersecurity threats.
• Coordinate incident response efforts, including communication with affected departments, patients,
and regulatory bodies.
• Prepare detailed risk assessment reports and present findings to senior management and relevant
committees.
• Maintain thorough documentation of risk management activities, incidents, and compliance efforts.
• Demonstrate excellent guest service to internal team members and patients.
• Perform other related duties as assigned.
• Demonstrate excellent guest service to internal team members and patients.
• Perform other related duties as assigned.

Qualifications

• Bachelor's degree in Cybersecurity, Information Technology, Healthcare Informatics, or a related
field.
• Experience of 3+ years in cybersecurity risk management within the healthcare industry is highly
preferred.
• Familiarity with healthcare information systems and medical devices is advantageous.
• Strong understanding of cybersecurity principles, risk management frameworks, and threat
landscapes relevant to healthcare.
• Knowledge of healthcare-related security technologies and tools, such as secure messaging
platforms and EHR security.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP),
HealthCare Information Security and Privacy Practitioner (HCISPP), or Certified Information Security
Manager (CISM) are desirable.
• Excellent analytical and problem-solving skills with a focus on healthcare-specific challenges.
• Strong communication skills to effectively collaborate with medical staff, IT teams, and compliance
officers.
• Ability to prioritize tasks and manage multiple projects in a fast-paced healthcare environment.
• Understanding of healthcare operations and the impact of cybersecurity on patient care and safety.
• Familiarity with healthcare-specific privacy concerns and ethical considerations.
• Ability to work independently in a fast-paced, cross-functional environment.
• A commitment to providing excellent service to internal team members and patients.
• High level of professionalism and integrity in all interactions.
• Ability to work independently in a fast-paced, cross-functional environment.

Physical Demands

• Sedentary work. Exerting up to 10 pounds of force occasionally and/or negligible amount of force
frequently or constantly to lift, carry, push, pull, or otherwise move objects. Repetitive motion.
Substantial movements (motions) of the wrists, hands, and/or fingers. The worker must have close
visual acuity to perform an activity such as: preparing and analyzing data and figures; transcribing;
viewing a computer terminal; extensive reading. Ability to lift to 15 lbs. independently not to exceed
50 lbs. without help.

Equal Employment Opportunity

• Mosaic Health is an Equal Employment Opportunity employer and all qualified applicants will receive
consideration for employment without regard to age, citizenship status, color, creed, disability,
ethnicity, genetic information, gender (including gender identity and gender expression), marital
status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or
condition protected by applicable federal, state, or local laws.
• If you require an accommodation for the application or interview process, please let us know and we
will work with you to meet your needs. Please contact HRbenefits@mpgus.com for assistance.