Manager - IT Risk Management
Click the Facebook, Google+ or LinkedIn icons to share this job with your friends or contacts. Click the Twitter icon to tweet this job to your followers. Click the link button to view the URL of the job, which then can be copied and pasted into an e-mail or other document.
Portland, ME 04103
Transforming the future of healthcare isn’t something we take lightly. It takes teams of the best and the brightest, working together to make an impact.
*As one of the largest healthcare technology companies in the U.S., we are a catalyst to accelerate the journey toward improved lives and healthier communities.Here at Change Healthcare, we’re using our influence to drive positive changes across the industry, and we want motivated and passionate people like you to help us continue to bring new and innovative ideas to life.
If you’re ready to embrace your passion and do what you love with a company that’s committed to supporting your future, then you belong at Change Healthcare.*
Pursue purpose. Champion innovation. Earn trust. Be agile. Include all.
Empower Your Future. Make a Difference.
The Manager of IT Risk Management for Change Healthcare Consulting is to perform cyber threat, risk, and compliance assessments, based on customer request, to identify potential threats, risks and compliance issues, devise the strategy and methods for developing and implementing appropriate defenses with countermeasures, remediation, policy & process improvement recommendations to the customer’s security & risk posture
Location: Remote/Telecommuter position
- Account ManagementEstablish and maintain productive, professional relationships with key personnel at customer accounts
Create additional value for clients through continual insights and consultative advice based on experience with the client, their industry, established standards, and leading practices.
Demonstrate a high-level of commitment to client success, promptly responding to changes in client expectations both professionally and effectively.
- Practice Area SpecificEvaluate client’s capabilities as it relates to IT Risk Management; make recommendations on how to optimize their staffing, operations, and technology
Lead client initiatives to evaluate, select, procure, and implement vendor solutions that will improve their analytics and risk management capabilities
Provide exceptional delivery of security risk assessments and analytics in order to prepare planned, measurable, and practical corrective actions.
Through the assessment process, examine the relationship between people, processes, and technology, and their effects on information confidentiality, integrity, and availability.
Perform risk identification and provide detailed guidance on mitigation or remediation as well as providing recommendations on security policies and initiatives.
Review risk metrics results and provide input to information security reporting and dashboards.
Analyze discovery scan data and vulnerability data to determine unusual use configurations, discovery of aged software, patch validation, and proper identification of high-severity vulnerabilities.
Create and maintain a culture of partnership and collaboration to ensure that our customers can respond confidently and appropriately to the rapidly evolving security landscape.
Quantify risk using threat likelihood, implementation state, and business impact variables and then how to prioritize risk initiatives based on business need, compliance requirements, and/or risk reduction.
Participate in planning and implementing of client information systems, including structure, process, and security.
Participate in strategic and tactical objectives to include new product offerings, identify additional client needs, and generating new business leads.
Correspond with a variety of clients and communicate security issues, recommendations, and deliverables effectively.
Evaluate and/or implement cybersecurity solutions and controls to ensure data security and integrity for our clients.
Generate ideas for new cybersecurity solutions aligned with our clients evolving needs
Must have 8+ years’ experience in a combination of risk management, information security and information technology fields. At least 4 years of experience in a senior leadership role.
Bachelor’s degree in information security, Computer Science, Management of Information Systems, or related field required. Masters preferred.
Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Healthcare Privacy and Security (CHPS), or other similar credentials.
Must have 10+ years of experience working in a healthcare environment 5+ of which must at a health insurance company, third party administrator or healthcare provider.
Must have 5+ years’ experience working within a Health Plan Enterprise or provider Architecture
System and network administration experience on UNIX, Linux, and Microsoft Windows.
Knowledge and demonstrated experience of relevant legal and regulatory requirements, such as SOX, PCI DSS, HITECH, HIPAA Privacy & Security and other CMS regulations and guidelines.
Knowledge of security areas such as Auditing, Policy, Database Security, Firewall
Design and Implementation, Risk Analysis, Identity Management, Access Management, and Web Services.
Knowledge of common information security management frameworks, such as NIST
Must have experience running multifaceted engagements that include a variety of technical and business tracks – from planning through implementation
Must have experience managing multiple parallel engagements and dealing with time management, resource leveling, multiple client priorities, and competing demands
Must have contingency planning and risk mitigation experience
Must have a high level of self-motivation and be able to work both independently as well as with a team
Must have outstanding verbal and written communications and presentation skills with the ability to communicate clearly to all levels of an organization
Must be a quick and creative problem solver
Must have experience assessing team performance and making changes as needed
Join our team today where we are creating a better coordinated, increasingly collaborative, and more efficient healthcare system!
Equal Opportunity/Affirmative Action Statement
Change Healthcare is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, genetic information, national origin, disability, or veteran status. To read more about employment discrimination protections under federal law, read EEO is the Law at https://www.eeoc.gov/employers/upload/poster_screen_reader_optimized.pdf and the supplemental information at https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf.
If you need a reasonable accommodation to assist with your application for employment, please contact us by sending an email to with “Applicant requesting reasonable accommodation” as the subject. Resumes or CVs submitted to this… For full info follow application link.
Change Healthcare is an Equal Opportunity Employer. Employment at Change Healthcare is based upon your individual merit and qualifications. We don’t discriminate on the basis of race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, physical or mental disability, marital status, protected veteran status or disability, genetic characteristic, or any other characteristic protected by applicable federal, state or local law. We will also make all reasonable accommodations to meet our obligations under the Americans with Disabilities Act (ADA) and state disability laws. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability.