Compliance Manager – Data Security & Loss Prevention (Healthcare Payer)
Compliance Manager – Data Security & Loss Prevention (Healthcare Payer)
Location: Remote (U.S. Based)
Job Type: Contract (6 months)
Position Overview:
We’re seeking a seasoned Compliance Manager with deep healthcare-payer expertise to lead our Data Loss Prevention (DLP) and Data Security Posture Management (DSPM) programs. In this hands-on leadership role, you will define strategy, manage a team of specialists, and ensure our data-protection capabilities mature in line with industry’s best practices and core regulatory requirements.
Key Responsibilities:
• Lead and mentor a team of DLP/DSPM analysts, fostering technical excellence and professional growth.
• Define and execute roadmaps for DLP, DSPM, and Data Level Prevention initiatives.
• Partner with IT, Legal, Risk, Operations, and business stakeholders to align security objectives with organizational goals.
• Oversee design, deployment, and tuning of DLP controls across endpoints, network, and cloud environments.
• Drive DSPM assessments, gap analyses, and remediation plans against frameworks such as NIST CSF and CIS Controls.
• Implement Data Level Prevention controls—encryption, tokenization, masking—to protect PHI at rest and in transit.
• Collaborate with the Security Operations Center (SOC) on data-related alerts and incident response.
• Conduct regular risk assessments, control validations, and tabletop exercises focused on payer workflows (claims, enrollment, utilization management).
• Develop and present executive-level dashboards tracking DLP/DSPM maturity, policy compliance, and key risk indicators.
• Lead internal and external audits; maintain audit readiness and secure leadership sign-off on major security projects.
Required Skills & Qualifications:
• Bachelors in Information Security, Computer Science, Healthcare Administration, or equivalent experience.
• 7+ years in IT security/compliance, with 5+ years in healthcare payer environments (insurers, TPAs, or health plans).
• 3+ years managing technical security or compliance teams.
• Strong command of security frameworks: NIST CSF, CIS Controls, ISO 27001
• CMS program-integrity requirements as they relate to data protection (e.g., Medicare Advantage & Medicaid Managed Care)
• Excellent leadership, communication, and stakeholder-management skills—able to convey complex risks to executive audiences.
• Certifications highly preferred: CISSP, CISM, CDPSE, HCISPP, or HITRUST Practitioner.
• HIPAA Privacy & Security Rules (including HITECH Act)
• HITRUST CSF requirements and certification processes
• Proven hands-on expertise with - DLP Solutions (Forcepoint, Symantec, Microsoft Purview), DSPM tooling and cloud security posture management (CSPM), and Data classification, encryption, tokenization, and other Data Level Prevention controls.
Preferred Experience:
• Prior involvement in payer core systems (claims adjudication, member enrollment, utilization management).
• Experience integrating DSPM with SecOps and GRC platforms.
• Familiarity with cloud-native environments (AWS, Azure, GCP) and container security.
• NCQA accreditation and HEDIS® data-security standards
• Affordable Care Act mandates (risk adjustment, network adequacy)
• State DOI breach-notification laws and OCR enforcement guidance
• FDA requirements for any Software as a Medical Device (SaMD) components
Why You'll Love This Rule:
• Lead & Influence: Shape the strategic direction of data-security programs in a complex, highly regulated industry.
• High Visibility: Regularly present to senior leadership and drive cross-functional security initiatives.
• Professional Growth: Deepen your expertise in healthcare security, compliance, and cutting-edge prevention technologies.
Job Type: Contract
Work Location: Remote
Apply Now
Apply Now
Location: Remote (U.S. Based)
Job Type: Contract (6 months)
Position Overview:
We’re seeking a seasoned Compliance Manager with deep healthcare-payer expertise to lead our Data Loss Prevention (DLP) and Data Security Posture Management (DSPM) programs. In this hands-on leadership role, you will define strategy, manage a team of specialists, and ensure our data-protection capabilities mature in line with industry’s best practices and core regulatory requirements.
Key Responsibilities:
• Lead and mentor a team of DLP/DSPM analysts, fostering technical excellence and professional growth.
• Define and execute roadmaps for DLP, DSPM, and Data Level Prevention initiatives.
• Partner with IT, Legal, Risk, Operations, and business stakeholders to align security objectives with organizational goals.
• Oversee design, deployment, and tuning of DLP controls across endpoints, network, and cloud environments.
• Drive DSPM assessments, gap analyses, and remediation plans against frameworks such as NIST CSF and CIS Controls.
• Implement Data Level Prevention controls—encryption, tokenization, masking—to protect PHI at rest and in transit.
• Collaborate with the Security Operations Center (SOC) on data-related alerts and incident response.
• Conduct regular risk assessments, control validations, and tabletop exercises focused on payer workflows (claims, enrollment, utilization management).
• Develop and present executive-level dashboards tracking DLP/DSPM maturity, policy compliance, and key risk indicators.
• Lead internal and external audits; maintain audit readiness and secure leadership sign-off on major security projects.
Required Skills & Qualifications:
• Bachelors in Information Security, Computer Science, Healthcare Administration, or equivalent experience.
• 7+ years in IT security/compliance, with 5+ years in healthcare payer environments (insurers, TPAs, or health plans).
• 3+ years managing technical security or compliance teams.
• Strong command of security frameworks: NIST CSF, CIS Controls, ISO 27001
• CMS program-integrity requirements as they relate to data protection (e.g., Medicare Advantage & Medicaid Managed Care)
• Excellent leadership, communication, and stakeholder-management skills—able to convey complex risks to executive audiences.
• Certifications highly preferred: CISSP, CISM, CDPSE, HCISPP, or HITRUST Practitioner.
• HIPAA Privacy & Security Rules (including HITECH Act)
• HITRUST CSF requirements and certification processes
• Proven hands-on expertise with - DLP Solutions (Forcepoint, Symantec, Microsoft Purview), DSPM tooling and cloud security posture management (CSPM), and Data classification, encryption, tokenization, and other Data Level Prevention controls.
Preferred Experience:
• Prior involvement in payer core systems (claims adjudication, member enrollment, utilization management).
• Experience integrating DSPM with SecOps and GRC platforms.
• Familiarity with cloud-native environments (AWS, Azure, GCP) and container security.
• NCQA accreditation and HEDIS® data-security standards
• Affordable Care Act mandates (risk adjustment, network adequacy)
• State DOI breach-notification laws and OCR enforcement guidance
• FDA requirements for any Software as a Medical Device (SaMD) components
Why You'll Love This Rule:
• Lead & Influence: Shape the strategic direction of data-security programs in a complex, highly regulated industry.
• High Visibility: Regularly present to senior leadership and drive cross-functional security initiatives.
• Professional Growth: Deepen your expertise in healthcare security, compliance, and cutting-edge prevention technologies.
Job Type: Contract
Work Location: Remote
Apply Now
Apply Now