Information Security - Governance Risk and Compliance Manager
The Opportunity
At Kalderos, it is our mission to redefine how the business of healthcare performs by providing clarity to the current disjointed drug discount management system. We’re looking for passionate individuals to join us as we fulfill that mission together.
The Position
The Manager, Information Security Governance, Risk and Compliance is responsible for privacy and information security risk management functions. The Manager provides oversight of Kalderos’ vendor management program, including activities related to risk management, due diligence, contract provisions, vendor reviews, and ongoing monitoring requirements; assures adherence to applicable federal and state regulations; develops and conducts periodic risk assessments; and monitors key elements of the vendor management program. The Manager reports directly to the VP, Information Security & Compliance and frequently liaises with the Kalderos leadership team to ensure effective coordination of privacy and security requirements and activities.
What you’ll bring
- BS/BA in a technical field or equivalent practical experience
- 5+ years of experience in Information Security Governance, Risk and Compliance
- Experience with Risk Management and Information Security strategy, practices, technologies and tools
- Experience conducting efficient and regular risk assessments, and auditing and monitoring activities
- Experience with Information Security frameworks and standards, such as NIST, SOC 2, ISO 27001
- Experience in a healthcare company with knowledge of existing and emerging federal and state requirements related to privacy and security of health information is a plus
Set yourself apart:
- Knowledge of current Cloud security architecture, software and database technologies
- Understanding of risk management from the technology perspective
- Strong professional and interpersonal skills
- Ability to maintain a high level of confidentiality
- Demonstrated ability to complete projects in a timely manner with little supervision or direction
- Demonstrated ability to set priorities and to respond to changing demands from multiple sources in a fast-paced environment
- Ability to follow through, meet deadlines, anticipate requirements, and build relationships
- Strong analytical, decision-making, and problem-solving skills
- Excellent verbal and written communication skills
- Excellent time management and organizational skills
- Knowledge of personal computers and relevant applications
Recommended Certifications
- CRISC - Certified Risk and Information Security Control
- CISM - Certified Information Security Manager
- CISSP - Certified Information Systems Security Professional
- CHPC - Certified in Healthcare Privacy Compliance
Kalderos is an equal opportunity workplace. We are committed to equal opportunity regardless of race, color, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, or veteran status.