At Nuna, our mission is to make high-quality healthcare affordable for everyone. We are dedicated to tackling one of our nation’s biggest problems with ingenuity, creativity, and a keen moral compass.
Nuna is committed to simple principles: a rigorous understanding of data, modern technology, and most importantly, compassion and care for our fellow human. We want to know what really works, what doesn't—and why.
Nuna partners with healthcare payers, including government agencies, health plans, and self-insured employers, to turn data into learnings and information into meaning.
Corporate Operations is the caretaker of the company: from Recruiting to PeopleOps to Legal and Privacy, we manage the structures that advocate for the well-being of our employees and their endeavors across our lines of business.
Nuna seeks to fill a leadership role in our Governance, Risk, and Compliance domain. This person will work across the company to help define and build the technical controls that protect our work, as well as ensure our continuing compliance with HIPAA, SOC2, and other regimes for our high-security enterprise services.
Drive preparation for audits of our compliance with HIPAA, ARS, HITRUST, and others.
Work with external auditors to ensure smooth and efficient assessments.
Help lead teams across the organization to implement security controls and processes.
Lead the creation of policies and compliance standards with Nuna Security, Engineering, IT, Legal, and Privacy.
Design, develop, and maintain tools that facilitate internal auditing and compliance readiness that integrate with Nuna’s cloud environments.
Perform risk assessments on a periodic basis, and help build new processes to improve efficiency and effectiveness overall.
Advise on security and compliance best practices; stay abreast of evolving industry standards and recommend and plan the best course for the company.
Collaborate with customers, external agencies, and auditors on compliance initiatives.
Guide the effort to improve the company’s risk management and compliance strategy overall.
Design and implement security and compliance training programs across the organization.
Lead the vendor risk management and customer security assessment processes.
5+ years of experience in security and compliance, preferably in the healthcare industry.
Experience with ARS, SOC2, HIPAA security rule, or HITRUST compliance regimes.
Able to clearly communicate risk to high-level management and key stakeholders.
Strong security awareness; able to secure AWS environments.
Experience writing policy documentation and delivering training.
Exemplary communication skills, both written and verbal; public speaking a plus.
Experience assessing and mitigating vendor risk.
Google Cloud Platform security protocol knowledge.
Relocation expenses are negotiable.
The job you are trying to reach was originally posted at ISACA Career Centre.