What are the responsibilities and job description for the SBM Security Management Lead position at North Highland?
REACH YOUR POTENTIAL | COLLABORATE WITH AMAZING PEOPLE | MAKE CHANGE HAPPEN
Do you have the skills, passion, and commitment to transform our clients for the better? Are you ready to be a changemaker? If so, join us.
North Highland is the world’s leading change and transformation consultancy. Simply put, we make change happen like no one else. And we’re on the hunt for a new SBM Security Management Lead.
HOW WILL YOU MAKE CHANGE HAPPEN?
This SBM Security Management Lead role is dedicated to overseeing and coordinating processes associated with day-to-day security/privacy operations and planning, as well as annual security audits and compliance. The position requires flexibility to adapt to shifting workloads and priorities driven by State Based Marketplace initiatives, regulatory changes, and leadership directives.
The core technical platform is managed by a third-party SaaS vendor. As such, much of the security management work relies on overseeing and coordinating with the SaaS vendor's CISO and security team, and on developing and documenting policies that embed or wrap those of the vendor.
You Will
- Provide responsive and flexible project management and subject matter expertise to address emerging security or privacy issues.
- Identify and champion the adoption of best-practice security and privacy technologies, operations, and processes.
- Maintain and enhance security/privacy policies and related documents to meet federal, State, and best-practice requirements and compliance.
- Manage and track compliance with stated policies, e.g., required training for staff and periodic authorization reviews.
- Work with the CISO and security team of the SaaS platform vendor to ensure that policies are correctly implemented, that supporting documentation is current and timely, and that there is insight into any emerging issues or incidents.
- Manage the tracking and resolution of Plan of Action and Milestones (POA&Ms) and submission to CMS.
- Attend periodic CMS security briefings and coordination meetings.
- Attend periodic collaboration and informal discussion meetings with other State Based Marketplaces.
- Support annual CMS MARS-E (Authority to Connect) audits by readying supporting documentation throughout the year, reviewing vendor documentation, and working with the auditor to provide required evidence and triage potential issues as possible.
- Provide support for the annual IRS Safeguard Security Report (SSR) submissions and tri-annual on-site audits.
- Support security and privacy impact analysis and other security-related needs.
- Participate in system design, development, and implementation activities from a security perspective.
- Manage follow-up tasks resulting from issue resolution, risk mitigation, and policy changes.
- Identify, analyze, and categorize issues requiring escalation or additional resources/technical assistance.
- Oversee security issue lifecycle, including risk analysis and documentation.
- Hands-on experience with managing health exchange security operations.
- Knowledge/background in MARS-E security support.
- Experience directing Security Incident Response Teams and collaborating with internal and external stakeholders on information and security practices, procedures, and policies.
- Strong leadership and analytical problem-solving skills.
- Excellent communication and stakeholder management abilities.
- Ability to work flexibly and manage multiple priorities.
- Detail-oriented, proactive, and effective in fast-paced environments.
- Effective technical system and business function documentation skills.
- Highly proficient in MS Office software, particularly Word, Excel, Visio, and PowerPoint.
- Excellent organizational skills with the ability to plan and coordinate tasks and small projects regularly.
- Experience administering or implementing IT Security policies.
- Experience with risk assessment and management.
- Knowledge of IT infrastructure, networks, and systems security.
- Familiarity with healthcare regulations and compliance requirements (e.g., HIPAA, ACA).
- Ability to ensure projects adhere to relevant legal and regulatory standards.
- Ability to identify potential security issues and develop effective solutions.
- Willingness to continuously learn and stay updated with the latest security trends and technologies.
- Current knowledge of Information Security / cybersecurity tools and Security Information Event Management (SIEM).
- Current Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) certification, or equivalent.
- Knowledge of Federal and State information security policies, standards, principles, practices, and frameworks (NIST 800-53).
- Current knowledge and experience in Information Security Risk Assessments, Security Assessments, and managing risk mitigations, including management of Plans of Action and Milestones (POA&Ms).
Success—for both our clients and our colleagues—is all about putting people first and doing great things together. We believe that when we work as one team, we can take action today to build lasting capability for tomorrow.
We Strive To Have The Most Enviable Culture On The Planet, Inspiring People To Reach Their Full Potential. Here’s How We Make It Happen
Intentional, flexible growth. We never want you to settle. Leading your own growth and transformation is your prerogative—one which we’ll help you nurture and develop every step of the way. We’ll inspire you to learn, teach, and ultimately carve your own path. That means you grow, we grow, and so do our clients.
People-first, and then some. It goes without saying that people come first, but what comes next? Our people are always at the heart; your wellbeing and success is built on a collective understanding that every one of us can be a coach, a friend, and a fantastic listener—regardless of job title. We think of it as a celebration of individuality, difference, and diversity.
Make your own change happen. With us, your curiosity and creativity know no bounds. The reins are off. All we ask is that you have the courage to transform yourself and those around you—colleagues and clients alike. If you’ve got the drive to become a changemaker, we’ll do the rest.
Enviable Total Rewards. We inspire our employees to do their best work. North Highland’s Total Rewards Program encompasses PTO, Medical, Dental, Vision, STD/LTD, Life Insurance, FSA/HSA, 401(k), and a variety of other perks like a dedicated Health Advocate, commuter benefits, and legal assistance. In addition, a competitive hourly rate of: $80.00 - $90.00/hr
READY TO MAKE CHANGE HAPPEN?
North Highland makes change happen, helping businesses transform by placing people at the heart of every decision. It’s how lasting progress is made. With our blend of workforce, customer, and operational expertise, we’re recognized as the world’s leading transformation consultancy. We break new ground today, so tomorrow is easier to navigate.
Founded in 1992, North Highland is regularly named one of the best places to work. We are a proud member of Cordence Worldwide, a global network of truly connected consultancy firms with the ability to think and deliver together.
Please note that applicants must be authorized to work in the United States without the need for visa sponsorship by North Highland. Work visa sponsorship will not be provided, either now or in the future, for this position.
North Highland is an Equal Employment Opportunity (EEO)/Affirmative Action employer. All qualified applicants will receive fair and impartial consideration without regard to race, color, sex, gender identity, religion, national origin, age, sexual orientation, disability, veteran status, or any other characteristic protected by law.
Reference: 47774
Salary : $80 - $90