Chief Information Security and Compliance Officer

MedAllies Fishkill, New York

This position has been filled.

MedAllies has retained Kirby Partners to identify, qualify, and present individuals for their Chief Information Security and Compliance Officer position.
Reporting directly to the CEO, the Chief Information Security and Compliance Officer is responsible for oversight and management of the MedAllies Security and Accreditation Programs (including information security, training and physical security) and of recurring third-party security and compliance audits.
MedAllies is a rapidly growing national healthcare consulting firm in Fishkill, New York. The firm focuses on clinical practice and health system transformation, connects providers as a health information service provider, and develops software that enables thousands of healthcare providers and organizations to provide efficient and effective patient care.
Key Network Indicators:
  • 6,000 health care organizations
  • 200,000 Direct users
  • 51 employees
Chief Information Security and Compliance Officer Position Description:
This opportunity will let you use your experience and knowledge to further develop leading security initiatives in this growing organization, working with nationally known leaders in healthcare. MedAllies is an exciting place to work where you can learn new technologies and design security operations in the healthcare sector. It is a fast and innovative organization, and the Security and Compliance Officer must be able to balance industry-strength security with business operations.
The ideal Chief Information Security and Compliance Officer would have an understanding of HIPAA security and of industry standards/regulations such as ISO, NIST, and GDPR, and healthcare specifications such as EHNAC and HITRUST.
  • Bachelor's degree required in computer science, information systems, or equivalent experience (Master’s preferred)
  • CISSP certification required
  • At least 5-10 years in the healthcare information security field, with risk management preferred
  • Must have working knowledge of HIPAA, ISO, and HITRUST
  • Must be able to communicate security-related concepts to a broad range of technical and non-technical staff, including senior leadership
  • Must have experience with business continuity planning, auditing, and risk management
  • Experience in defining standards, guidelines, and best practices related to risk management and identity management
  • Ability to troubleshoot complex problems related to security and risk management, and to resolve issues quickly, identifying the best option in an emergency situation