MedAllies has retained Kirby Partners to identify, qualify, and present individuals for their Chief Information Security and Compliance Officer position.
Reporting directly to the CEO, the Chief Information Security and Compliance Officer is responsible for oversight and management of the MedAllies Security and Accreditation Programs (including information security, training and physical security) and recurring third-party security and compliance audits.
MedAllies is a rapidly growing national healthcare consulting firm in Fishkill, New York. The firm focuses on clinical practice and health system transformation, connects providers as a health information service provider, and develops software that enables thousands of healthcare providers and organizations to provide efficient and effective patient care.
Key Network Indicators:
6,000 health care organizations
200,000 Direct users
51 employees
Chief Information Security and Compliance Officer Position Description:
This opportunity will let you use your experience and knowledge to further develop leading security initiatives in this growing organization, working with nationally known leaders in healthcare. MedAllies is an exciting place to work where you can learn new technologies and design security operations in the healthcare sector. It is a fast and innovative organization, and the Security and Compliance Officer must be able to balance industry-strength security with business operations.
Qualifications
The ideal Chief Information Security and Compliance Officer would have an understanding of HIPAA security and of industry standards/regulations such as ISO, NIST, and GDPR, and healthcare specifications such as EHNAC and HITRUST.
Bachelor's degree required in computer science, information systems, or equivalent experience (Master’s preferred)
CISSP certification required
At least 5-10 years in the healthcare information security field, with risk management preferred
Must have working knowledge of HIPAA, ISO, and HITRUST
Must be able to communicate security-related concepts to a broad range of technical and non-technical staff, including senior leadership
Must have experience with business continuity planning, auditing, and risk management
Experience in defining standards, guidelines, and best practices related to risk management and identity management
Ability to troubleshoot complex problems related to security and risk management, and to resolve issues quickly, identifying the best option in an emergency situation