Apply on Employer Site

New York State Technology Enterprise Corporation (NYSTEC) · 2 months ago

Principal Consultant-Security, Privacy, and Compliance Lead

Albany, NY 12207, USA

Full-time

Onsite

Senior Level, Lead/Staff

$110K/yr - $145K/yr

8+ years exp

NYSTEC is a nonprofit technology consulting company, advising agencies, organizations, institutions, and businesses since 1996. As the Medicaid Eligibility Client Management security, privacy, and compliance lead, you will oversee and support security, privacy, and compliance for the Medicaid Transformation Program, collaborating closely with various stakeholders to ensure program success.

CharityInformation TechnologyNon Profit

Work & Life Balance

No H1B

Responsibilities

Coordinate developing and implementing policies, procedures, and internal controls to support the Medicaid Transformation Program in the areas of security, privacy, and compliance

Lead and perform comprehensive evaluations and operational risk assessments related to the Medicaid Transformation Program

Plan and support security training, incident reporting, vulnerability management, federal and state audits, and security policies related to the Medicaid Transformation Program

Lead and oversee the development and implementation of data sharing agreements, forms, documents, processes, and procedures related to the Medicaid Transformation Program

Collaborate with the Division of Legal Affairs, business stakeholders, technology stakeholders, other state agencies, and external entities to evaluate risk and to ensure the security and privacy of data and applications in scope for the Medicaid Transformation Program

Compile, review, and approve progress reports that describe the project status, including technical, fiscal, and staffing issues

Monitor vendor compliance with contracts for services while resolving problems, as needed

Manage and monitor activities performed by vendors, contractors, and consultants

Maintain a close working relationship with the Department security director and keep the Department security director timely informed of any potential security issues and resolution or remediation of those issues

Communicate — verbally and in writing — with a variety of individuals, including management, users, vendors, and technology staff

Negotiate between program managers, technology staff, vendor personnel, and stakeholders to reconcile differing priorities

Qualification

Security compliance managementRisk assessmentVendor managementHealthcare IT experienceData sharing agreementsTeam managementCommunication skillsNegotiation skills

Required

Bachelor's degree and eight years of progressively responsible information technology experience in developing large-scale systems, three of these years must have been managing teams

Preferred

Experience managing vendors, including monitoring service level agreements and adherence to contract terms

Experience working in health and human services at a national, state, or local level, as well as experience working with Medicaid programs in New York State

Experience and knowledge in Centers for Medicare & Medicaid Services (CMS), Internal Revenue Service (IRS), and Social Security Administration (SSA) security and privacy requirements and guidelines

Experience in information technology, security, and managing security resources

Experience developing and handling security and privacy policies, data sharing agreements, contracts, and legal documents

Experience leading security, privacy, and compliance deliverables for large healthcare information system projects (e.g., planning, design, development, implementation, and operation) to ensure that deliverables are on time, on budget, within scope, and meet stakeholder needs