Security and Compliance Manager
Navigate Wellbeing Solutions
- West Des Moines, IA
- Permanent
- Full-time
Information Technology
Manager: Chief Technology Officer
ExemptWe are Navigate!
A well-tech company helping organizations create more health and happiness in the employees, clients, and communities we serve. Our purpose is to Do Good Things. For us, these words are more than a catchy mantra. They’re the reason this company was formed and the guiding light for every decision. We’re all at Navigate because we truly want to spark positive change in other people’s lives. Here’s to doing good things – together!
How you contribute to our success
The Navigate Security and Compliance Manager will develop and oversee the organization’s security policies and procedures in accordance with industry regulations, standards, and laws. It is this position’s responsibility to ensure that the organization meets all the security requirements to prevent cyber-attack and data breaches. Duties include creating and maintaining policies and procedures, conducting audits, and staying current with security trends, threats, and regulations.
This work includes management of security controls (SOC 2), contract assessments, best practices, security audits, maintaining HIPAA compliance, and guiding the organization through a time of rapid growth.
A successful security and compliance manager will have strong analytical and problem-solving skills, along with the ability to communicate effectively with non-technical executives and staff.Your Responsibilities to the team, our clients and community
- Develops, maintains, and communicates the organization’s information security policy and procedures
- Directs and oversees the assessment, selection, implementation, and maintenance of information security tools and technologies
- Evaluate new or updated industry regulations to ensure continued compliance
- Enforces information security controls and investigates/responds to information security incidents
- Oversee training and employee understanding of security controls
- Manages business continuity planning (BCP) activities when required by regulation or senior leadership
- Prepares reports, business cases, and presentations on security risk, controls, the status of compliance efforts
- Completes client and vendor security audits and questionnaires
- Acts as liaison between IT and other functions regarding information security events or incidents
- Oversees the vendor management process
- Ensure security and compliance with key partners including application development partner and managed service provider partner
- Demonstrate the Navigate Way in your daily work and interactions with team members, clients and the community
- Other duties needed to serve our company, clients and community
- Possess a strong understanding of organizational security policy implementation and training
- Understands network and endpoint security best practices
- Proven history of using project management skills
- Technical writing skills
- Past experience leading organizational security and compliance efforts
- Deliver the Boom
- Everybody Love Everybody
- We are Family
- Inspire & Innovate
- Embrace Change
- Growth is Great
- Efficient & Effective
- Give Back
Experience
- 3-5 years of security and compliance expertise
- In-depth knowledge of HIPAA and SOC frameworks
- A bachelor’s degree in information security, administration, legal studies, or related field or equivalent work experience
- Certifications like CISSP or comparable a plus
- Normal mental and visual attention is required. Normal office working conditions requiring continuous use of both hands. Sitting most of the time, may involve walking or standing for brief periods of time.
- Position requires occasional bending, squatting, twisting and climbing stairs. There are minimal exposures to workplace hazards.
- To perform the job successfully, an individual must be able to perform each essential function satisfactorily. Reasonable accommodations may be made to enable a qualified individual with a disability to perform the essential functions.
- Position is available for remote workers.