New York State Technology Enterprise Corporation (NYSTEC) · 2 weeks ago
Principal Consultant - Security, Privacy, and Compliance Lead
New York State Technology Enterprise Corporation (NYSTEC) is a nonprofit technology consulting company that has been advising various organizations since 1996. They are seeking a Principal Consultant - Security, Privacy, and Compliance Lead to oversee and support security, privacy, and compliance for the Medicaid Transformation Program, collaborating with various stakeholders to ensure program success.
Charity · Information Technology · Non Profit
Responsibilities
Coordinate developing and implementing policies, procedures, and internal controls to support the Medicaid Transformation Program in the areas of security, privacy, and compliance
Lead and perform comprehensive evaluations and operational risk assessments related to the Medicaid Transformation Program
Plan and support security training, incident reporting, vulnerability management, federal and state audits, and security policies related to the Medicaid Transformation Program
Lead and oversee the development and implementation of data sharing agreements, forms, documents, processes, and procedures related to the Medicaid Transformation Program
Collaborate with the Division of Legal Affairs, business stakeholders, technology stakeholders, other state agencies, and external entities to evaluate risk and to ensure the security and privacy of data and applications in scope for the Medicaid Transformation Program
Compile, review, and approve progress reports that describe the project status, including technical, fiscal, and staffing issues
Monitor vendor compliance with contracts for services while resolving problems, as needed
Manage and monitor activities performed by vendors, contractors, and consultants
Maintain a close working relationship with the Department security director and keep the Department security director informed in a timely manner of any potential security issues and the resolution or remediation of those issues
Communicate — verbally and in writing — with a variety of individuals, including management, users, vendors, and technology staff
Negotiate between program managers, technology staff, vendor personnel, and stakeholders to reconcile differing priorities
Qualifications
Required
Bachelor's degree and eight years of progressively responsible information technology experience in developing large-scale systems; three of these years must have been spent managing teams
Experience managing vendors, including monitoring service level agreements and adherence to contract terms
Experience in information technology, security, and managing security resources
Experience developing and managing security and privacy policies, data sharing agreements, contracts, and legal documents
One or more of the following cybersecurity certifications: CISSP, CCSP, CISM, CISA, GSEC, or CompTIA Security+
Preferred
Experience working in health and human services at a national, state, or local level, as well as experience working with Medicaid programs in New York State
Experience with and knowledge of Centers for Medicare & Medicaid Services (CMS), Internal Revenue Service (IRS), and Social Security Administration (SSA) security and privacy requirements and guidelines
Experience leading security, privacy, and compliance deliverables for large healthcare information system projects (e.g., planning, design, development, implementation, and operation) to ensure that deliverables are on time, on budget, within scope, and meet stakeholder needs
AWS, Azure, and/or Google Cloud Computing Certification(s)
Company
New York State Technology Enterprise Corporation (NYSTEC)
For more than 30 years, NYSTEC has provided independent advisory services to our government partners.
Funding
Current Stage
Growth Stage
Company data provided by crunchbase