Senior Compliance Risk Manager

Responsibilities and Duties:

• Lead the development and execution of third-party management programs ensuring third parties adhere to appropriate controls and risks are managed.
• Effectively influence and collaborate with all business departments and teams to build a strong security framework and think strategically about the new regulations and compliance obligations to help build and convey value propositions with stakeholders. 
• Oversee execution of technical audits and audit activities, including CMS, GovRAMP, FedRAMP, HITRUST, and HIPAA
• Contribute to and assist with annual regulatory compliance reviews, and other compliance assessments across the business, and implement risk mitigation plans. 
• Identify, review, and monitor compliance issues and opportunities for enhancing organizational compliance. 
• Provide guidance to internal stakeholders and provide input to ensure the healthcare regulatory compliance  program is designed to run in a manner to comply with laws, regulations, and industry standards. 
• Liaise with functions across the organization to ensure education on policy and process and provide procedural support for the general operation of the compliance program and its related activities to prevent illegal, unethical, or improper conduct. 
• Work with all levels of the compliance and legal teams on compliance policy decisions, procedures, and issues. 
• Proactively identify potential weaknesses in the compliance program and recommend strategic improvements. 
• Oversee the end-to-end lifecycle of Compliance Program policies, from initial drafting to company-wide implementation and ongoing review.

Qualifications:

• At least 7 years experience in the compliance field, at least 3 of which should be in senior roles relating to HITRUST or NIST 800-53 based audits.
• Detailed knowledge of CMS, HITRUST, HIPAA and healthcare compliance regulations standards and best practices. 
• Broad knowledge of GRC Frameworks: NIST 800-53, RAMP, FedRAMP. 
• (Productive) paranoia about ensuring we continue to be compliant with industry regulations. 
• Excellent project management skills, including but not limited to, coordination, communication, adherence to budget and completion goals, prioritization, and troubleshooting. 
• Strong written and verbal communication skills with the ability to present to various levels within the company, as well as external professional audiences. 
• Strong prioritization skills with the ability to work on multiple projects and a variety of complicated tasks. 
• Strong interdepartmental collaboration skills with the willingness to engage across other teams and departments. 
• Ability to analyze processes and determine if adequate controls are in place and appropriate for the related activity. 
• Apply effective leadership skills to promote a compliance-oriented culture within the organization.
• Ability to leverage a high degree of precision and accuracy in analyzing complex legal and regulatory documents 
• Expertise in problem solving and designing effective data-driven solutions to protect company assets and objectives.
• Exceptional program management skills including how to plan, set, and manage to reasonable timelines, while delivering projects that align to the business strategy and priorities.