Director Of Cybersecurity Compliance / Deputy Ciso
Current• Manage and work with Compliance Analyst, including assigning tasks to assist in the completion of compliance activities.• Manage implementation, compliance tracking, and reporting processes for the security governance frameworks, regulatory, and client compliance requirements.• Manage SaaS applications and processes used to track various compliance initiatives.• Define and monitor security metrics and KPIs.• Manage the Thrid-Party Risk Management (TPRM) function, along with preparing and reviewing third-party risk assessments.• Ownership of all internal and external audit coordination between auditors and internal stakeholders, performing initial reviews of evidence submissions and subsequent project management tasks.• Successfully led entire HITRUST r2 re-certification process.• Ensure risk-based compliance to governmental and industry standards such as SOX, HIPAA / HITECH, HITRUST, and SSAE 18 SOC1 / SOC2.• Provide input for corporate security projects with regards to identifying requirements for ongoing compliance.• Ensure oversight of compliance of IT Security obligations for training / awareness, risk assessments, BCDR & Incident Response exercises, and security reviews.• Manage vendor security vetting.• Work proactively with all areas of the business to ensure security compliance objectives are met.• Chair the Committee on Risk and Control, and provide reporting to various senior leaders.