Senior Security Leader Job at Arkos Health

Arkos Health Gilbert, AZ 85297

Job Description:

We are seeking a highly experienced and knowledgeable hands-on Senior Security Leader to oversee and manage the security functions of our population health company. The candidate will be responsible for ensuring HIPAA and HiTrust compliance, adherence to insurer customer rules and regulations, including Medicare and Medicaid, and managing the overall security functions for the business. This includes office and care management systems, Incident Response, Third Party Security Assessments, HiTrust Certification, Customer Audits, SIEM services, Penetration testing, and other security-related responsibilities.


The Company:

This role is with Arkos Health Company. Arkos provides health plans and provider organizations with an integrated system of care comprising clinical and social services backed by a robust technology platform. By engaging individuals with virtual, in-home, in-clinic and in-facility care options, Arkos Health delivers advanced community-based health services that allow our clients to live healthier, more independent lives.


Essential Duties and Responsibilities:

  • Oversee and manage all security functions for the business, including office and care management systems, ensuring HIPAA and HiTrust compliance.
  • Develop, implement, and maintain the Incident Response Plan (IRP), ensuring that all members are adequately trained.
  • Coordinate and oversee Third Party Security Assessments and HiTrust Certification.
  • Manage customer audits to ensure compliance with insurer customer rules and regulations, including Medicare and Medicaid.
  • Implement SIEM to manage and audit HIPAA and security logs, monitoring and reviewing high-profile security events.
  • Coordinate penetration testing activities to identify, prioritize and address potential vulnerabilities in the company's systems.
  • Ensure regular monitoring of security and vulnerability assessments, as well as audits.
  • Review and update network diagrams, accurately representing the company's IT infrastructure.
  • Conduct periodic reviews and audits of IT systems and processes to identify and address potential risks.
  • Review legal requirements for monitoring access logs and ensure compliance.
  • Review audit trails for sufficient security and implement any necessary changes.
  • Oversee and review the company's security awareness training program.
  • Manage all Incident Response Plan (IRP) aspects, including member training.
  • Periodically review the Software Development Life Cycle (SDLC) process to identify and address potential security risks.
  • Manage the company's Disaster Recovery Plan (DRP) and Business Continuity Plan (BCP), including periodic reviews and testing.
  • Ensure newly acquired technology complies with IT security requirements.

Qualifications/Skills:

  • Bachelor's degree in Information Security, Computer Science, or a related field.
  • A minimum of 10 years of information security experience, focusing on HIPAA, HiTrust, and healthcare-related compliance.
  • Professional security certifications, either CISSP or CISM.
  • Experience establishing security processes for a high-growth mid-market healthcare company.
  • Demonstrated knowledge of healthcare regulations, including Medicare and Medicaid requirements.
  • Strong understanding of information security principles, technologies, and best practices.
  • Experience with SIEM, vulnerability assessments, and penetration testing.
  • Excellent communication and interpersonal skills, with the ability to work effectively with diverse teams.
  • Strong leadership and project management skills, with a track record of successful security initiatives.
  • Experience managing security in AWS, Microsoft 365, and Salesforce.
  • Knowledge of information security management frameworks, such as ISO/IEC 27001 and NIST.

Benefits:

  • Fully paid employee medical/dental/vision/life/short term disability
  • Employer matching 401(k)
  • 15 days annual combined sick/PTO with 9 paid holidays

Arkos Health EEO Statement

All Arkos Health divisions are Equal Opportunity Employers. We do not discriminate on the basis of race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status or any other status protected under federal, state or local laws.


Arkos Health is a drug free workplace. All job applicants selected for employment are required to submit to a pre-employment drug test and background check.

