Compliance Manager - Operations

Salisbury Management, LLC, United States

Experience: 1 Year
Salary: 0 - 0
Job Type:
Job Shift:
Job Category:
Traveling: No
Career Level:
Telecommute: No
Qualification: Bachelor's Degree
Total Vacancies: 1 Job
Posted on: Mar 13, 2021
Last Date: Apr 13, 2021
Location(s):

Job Description

At Salisbury Management, our job is to allow the companies we serve to do what they do best, which is to provide quality care to their patients, consumers, and students. SMI is a recognized leader in offering professional, operational, and management services. Our goal is to provide a complete array of professional and administrative services to companies that need to minimize the complexity of day-to-day administrative operations, so they can get to the business they do best: caring for the individuals they serve.

Salisbury Management is seeking a qualified Compliance Manager for the schools under Salisbury Management’s umbrella. The Compliance Manager will lead the security assurance program which includes risk management, audits, and assessments for on premise as well as cloud hosted IT applications and infrastructure. This position is specifically responsible for understanding and assessing security, operational, and privacy risks related to services and solutions and provides input on appropriate controls to address those risks. The position will work with external and internal auditors, gathering and presenting evidence, as required. Areas of focus include Operations, Risk & Compliance, Data Protection, Cyber Design, Incident Response, Security Architecture, and Business Partnership.

Requirements

  • Lead and execute tasks and strategies associated with client security assurance inquiries such as reviewing security contracts, responding to security questionnaires, audits, and assessments for on premises, as well as cloud hosted IT applications and infrastructure as required via client contracts, regulatory obligations, and operational objectives.
  • Clearly understand the on premise and cloud technology and operational risk to the organization as well as related laws, regulations, and industry standards, specifically as related to internal and cloud technology solutions.
  • Independently design, recommend, plan, develop and support implementation of project-specific security and compliance solutions to meet requirements for on premise as well as cloud hosted IT applications and infrastructure.
  • Recommend and draft policies, standards, procedures, and controls to assure the confidentiality, integrity, and availability of the information technology environment for on premise as well as cloud hosted IT applications and infrastructure. Also recommend and draft policies to prevent unethical, illegal, or improper conduct.
  • Serve as the organization’s internal control point for ethics allegations, complaints, and conflicts and provide leadership advice on management of ethical issues.
  • Ensure that identified risks are managed in accordance with the Risk Management program for on premise as well as cloud hosted IT applications and infrastructure.
  • Manage remediation of identified risks and vulnerabilities; identify those within the organization responsible for remediation tasks and negotiate dates for remediation to be complete; track progress on remediation of identified risks and vulnerabilities and provide appropriate reporting to all constituents.
  • Represent Information Technology in internal and external assessments and/or audits of information technology systems and processes, interpret results, and develop and communicate recommendations to management.
  • Respond to alleged compliance and ethics violations. Initiate investigation of compliance and ethical complaints with appropriate parties and ensure appropriate measures are implemented to prevent future occurrence.
  • Work with the appropriate IT, legal, HR, and operational leaders to determine scope of onsite visits, audits, and assessments as defined by contracts and regulatory requirements.
  • Develop risk/vulnerability assessment programs and questionnaires to aid in the identification and mitigation of security risks.
  • Identify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders.
  • Make decisions on day-to-day task assignments to the team.
  • Knowledge and experience with various industry standard frameworks such as FERPA, ISO 27001, SSAE 18 (SOC 1) and SOC 2, HIPAA, HITRUST, CSA CCM, GDPR, Privacy Shields, etc.
  • Familiarity with privacy laws, data protection/security regulations, and cloud security frameworks
  • Experience with Compliance Management portals
  • Possess a general understanding of underlying infrastructure architecture including cloud security, Internet, intranets, and communication protocols such as TCP, UDP, and IPSEC (preferred)
  • Develop and ov

Salisbury Management, LLC

Information Technology and Services - Philadelphia, United States