Director Of Information Security And Compliance
Atlanta, Ga, Us
Work with key business leaders, including Product & Engineering, Legal, and Finance, to identify compliance requirements and areas of potential vulnerability and risk; document, enhance, and provide recommendations for internal controls regarding HIPAA, PCI DSS, Data Security, and other compliance risks.Oversee the expansion of the Payment Compliance program to keep in line with developing PCI DSS, Mastercard/Visa/American Express mandates, and potential Money Transmitter regulations.Develop an audit program to further the PCI and HIPAA compliance program, and work with PCI and HIPAA consultants to keep the compliance policies and procedures up to date.Support the implementation and administration of information security and privacy policies, procedures and tools to ensure the protection of networks, systems, data, and PHI.Administer day-to-day security, IT and network operations, including access management and response to incidents, including recommending corrective actions.Develop training programs to keep staff up to date on compliance and educate them on the importance of PCI and HIPAA standards, as well as other internal controls.General compliance related contract analysis and legal organization support including Business Associates Agreements with clients, partners and vendors.