Privacy and Security Manager

Privacy and Security Program Lead

As required by our governmental client, this position requires being a U.S. citizen or a lawful resident alien.

The role involves assisting the Government in engineering security solutions to integrate the 4DW cloud IT infrastructure with IHS IT infrastructure. Responsibilities also include setting up security operations to meet the Government’s security assessment and authorization criteria, maintaining authorized security posture baseline, and integrating and implementing privacy regulatory rules specified by HIPAA, CARES Act, 21st Century Cures Act, 42 CFR Part 2, and Privacy Act. Minimum qualifications include being a Certified Information Systems Security Professional (CISSP), supplemented by a health IT-related credential such as Certified Professional in Healthcare Information and Management Systems (CPHIMS).

Compensation & Benefits:

Estimated Starting Salary Range for Privacy and Security Program Lead: $130k- $140k

Pay commensurate with experience.

Full-time benefits include Medical, Dental, Vision, 401K and other possible benefits as provided. Benefits are subject to change with or without notice.

Privacy and Security Program Lead Responsibilities Include: 

• Collaborate with government stakeholders to design and implement security solutions that facilitate the integration of 4DW cloud IT infrastructure with IHS IT infrastructure.

• Develop and implement security operations to meet the Government’s security assessment and authorization (A&A) criteria, ensuring adherence to authorized security posture baseline.

• Integrate and implement privacy regulatory rules specified by HIPAA, CARES Act, 21st Century Cures Act, 42 CFR Part 2, and Privacy Act into security operations and procedures.

• Collaborate with government stakeholders to develop a System Security Plan (SSP) using guidelines prescribed by the National Institute of Standards and Technology (NIST) Special Publications (SP) 800-18, Rev. 2 as amended, “Guide for Developing Security Plans for Information Technology Systems”, and NIST SP 800-37 as amended, “Guide for the Security Certification and Accreditation of Federal Information Systems”. The SSP addresses security plan requirements established by the Office of Management and Budget (OMB) Circular A-130 Appendix III, and Title III of the E-Government Act: Federal Information Security Management Act (FISMA).

• Monitor and ensure compliance with regulatory requirements related to security and privacy, including conducting regular assessments and audits.

• Identify and assess security and privacy risks associated with IT infrastructure integration and operations, and develop strategies to mitigate these risks.

• Develop and update security and privacy policies, procedures, and guidelines in alignment with regulatory requirements and industry best practices.

• Provide training and awareness programs to government personnel and stakeholders on security and privacy requirements, policies, and procedures.

• Develop and implement incident response plans and procedures to address security and privacy incidents promptly and effectively.

• Coordinate with vendors and third-party service providers to ensure compliance with security and privacy requirements in contracts and service agreements.

• Continuously evaluate and improve security and privacy practices, processes, and technologies to enhance the overall effectiveness of the program.

• Performs other job-related duties as assigned.

Privacy and Security Program Lead Experience, Education, Skills, Abilities requested: 

• Certified Information Systems Security Professional (CISSP), augmented by a health IT-related credential such as Certified Professional in Healthcare Information and Management Systems (CPHIMS).

• Collaborate with government stakeholders to design and develop security solutions for integrating the 4DW cloud IT infrastructure with IHS IT infrastructure.

• Ensure that security solutions meet the requirements for seamless integration while maintaining robust security measures.

• Must pass the pre-employment qualifications of Cherokee Federal.

Company Information:

Cherokee Nation Integrated Health (CNIH) is a part of Cherokee Federal, a division of tribally owned federal contracting companies owned by Cherokee Nation Businesses. As a trusted partner for more than 60 federal clients, Cherokee Federal LLCs are focused on building a brighter future, solving complex challenges, and serving the government’s mission with compassion and heart. To learn more about CNIH, visit cherokee-federal.com.

#CherokeeFederal #LI- SH1

Cherokee Federal is a military-friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply.

Similar searchable job titles:

• Privacy and Security Manager

• Information Security Officer

• Privacy Compliance Officer

• Security Program Director

• Data Protection Officer

Keywords:

• Privacy compliance

• Information security

• Regulatory requirements

• Risk management

• Data protection

Legal Disclaimer: All qualified applicants will receive consideration for employment without regard to protected veteran status, disability or any other status protected under applicable federal, state, or local law.

Many of our job openings require access to government buildings or military installations. Candidates must pass the pre-employment qualifications of Cherokee Federal.