Who We Are
We are a leading not-for-profit health insurer in Wisconsin, and our services have grown to reach active-duty and retired military personnel, seniors, and families in Wisconsin, across the U.S., and around the world.
WPS receives World's Most Ethical Company Award for 10th Year in a Row - 2019 Most Ethical Companies Announcement
At Our Core
WPS Health Solutions has earned a reputation as a leader in the insurance and benefits administration industry through our commitment to excellence and high-quality service. Our corporate values reflect the core of who we are and how we conduct business every day.
I recognize how my actions impact internal and external customers by being responsible for the customer experience. I look beyond the immediate issue to recognize and solve the problem.
I own my actions. I am accountable and dedicated to achieving the best results for WPS Health Solutions and our customers. I embrace my role in helping the company achieve a high-performance workplace.
I lead by example, act ethically and honestly, and am trustworthy. I show appreciation for others by giving and taking constructive feedback and encouragement.
Driven and Passionate
I approach my work with enthusiasm and personal commitment to the success of our business. I keep the importance of the work we do for our customers alive in my attitude and interactions with others, and demonstrate pride in the worthiness of our purpose.
The Deputy Information System Security Officer will provide day-to-day subject matter expertise, consulting, and operational services for information security on mission-critical systems. You will support teams and work closely with Legal, Compliance and Government counterparts on mission-critical Information Technology (IT) projects and compliance initiatives. You will work closely with organization Privacy Officers to ensure systems design and business processes meet data privacy requirements. The functions of the Deputy ISSO align and support the functions, strategy and vision set forth by the Chief Information Security Officer (CISO).
In this role you will:
Information System Security Compliance (70%)
Interpret and maintain a working knowledge of WPS contracts, specifically regarding cybersecurity and compliance expectations and reporting requirements.
Maintain working relationships with regulatory agencies and governing bodies such as the Department of Defense (DoD) and CMS. Keep the organization up to date on recent and future developments.
Track and review exceptions to required system configurations.
Work closely with Compliance to establish and maintain a process for identifying and documenting security control compliance (predictable/repeatable/sustainable).
Provide input to corrective action plans and preventative measures to appropriate implementation teams in response to findings by internal and external auditors.
Coordinate closely with IS subject matter experts to ensure tied-out and executable security controls; embrace and support a process of continuous improvement, along with evolving security control design.
Consult with IS teams and business units to promote compliance with company policy and regulatory requirements.
Work with internal and external IT auditors to coordinate and schedule audits, risk assessments, official external evaluations, and penetration tests.
Provide compliance status to internal and external customers monthly (at a minimum), including Plan of Action and Milestones (POA&M).
Provide maintenance support of applicable system security plans to ensure they are current and complete; coordinate security plan certification and government reporting, as required.
Align security operations with corporate policy and regulatory requirements and guidelines.
Analyze security features of new IS products/solutions to ensure they meet company and regulatory requirements as part of system development life cycle.
Analyze security functionality of new/redesigned system architecture to meet company and regulatory requirements (specifically CMS Technical Reference Architecture) as part of system development life cycle.
Participate in information security investigations.
Perform daily prioritization of work to ensure assigned projects are completed on time.
Facilitate IT system information security program and ensure necessary safeguards are in place and working as intended.
Review compliance of all components with security requirements (such as CMS Core Security Requirements) and report vulnerabilities to management.
Provide leadership, expertise, and solutions on moderately complex initiatives.
Assume backup role for Sr ISSO as needed.
Lead moderately complex projects and provide guidance to less experienced staff.
Represent information security by participating on various security and compliance teams to address information security compliance requirements.
You should have:
Bachelor's degree in Information Systems or related field OR equivalent post high school education and/or work-related experience
Minimum of 1 or more related Security, Audit, and/or Project Management certifications such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Government Auditing Professional (CGAP)
Must complete a minimum of 40 Continuing Professional Education (CPE) hours annually.
In addition, we prefer:
familiarity with HIPAA, PCI, and CMS requirements AND
WPS Health Solutions