Teladoc Lewisville, TX 75067
Teladoc Health is hiring! We are looking for an Information Security Manager who will be focused on the compliance, policy, and vendor management aspects of the Information Security Program. This individual will work closely with the business, its technology and operations groups, and vendors to ensure policy, requirements and controls are developed and implemented.
WHAT YOU WILL BE DOING:
Manages the RFI response process related to the information security requirements for prospects and new clients.
Manages the client security assessment program.
Collaborates with contract management and procurement functions for on-boarding and due diligence analysis of potential service providers and clients.
Implements and maintains tools, processes, and metrics in support of monitoring policy compliance, standards and applicable compliance requirements.
Assists with the coordination of external audit and assessment activities.
Performs or coordinates annual/periodic risk assessment activities.
Manages the third party/vendor management program for all relationships impacting sensitive data.
Integrates with compliance management function to plan and execute policy compliance activities for 3rd parties.
Aggregates other management reporting metrics including vulnerability, logging and monitoring and user access compliance data.
Provides consulting and guidance services to IT and business project teams to integrate information security solutions and technologies.
Supports internal compliance testing, documentation and follow-up.
Assists with tracking root cause and remediation activities for information security issues, audit findings and observations.
Participates in incident response activities and investigations where needed.
YOU SHOULD HAVE:
Proficient understanding of Information Security industry standards/best practices (e.g., NIST, HIPAA, ISO)
Proficient understanding of Information Security related laws and regulations (e.g., MA 201 CMR 17.00, GDPR)
Field level experience with managing security program assessments (e.g. SOC II, HIPAA and HITRUST, ISO)
Working understanding of related information security technologies and concepts (access and authentication, network and application, message and transmission security) as well as the modern threats to an enterprise (social engineering/phishing).
CISSP, CISA, CISM certification (or similar) is desirable, although not a requirement
Time management, prioritization and strong communication skills are essential for this role, as it involves managing multiple ongoing activities with internal peers as well as outside parties.
EDUCATIONAL REQUIREMENTS & EXPERIENCE
Bachelor's degree in Information Security, Computer Science or equivalent experience preferred
5 years of experience in an information security role
Experience in a HIPAA environment is a plus
Experience with GRC tools (e.g. Archer, ZenGRC, ServiceNow)
Teladoc Health is the global virtual care leader, offering the only comprehensive virtual care solution spanning telehealth, expert medical, and licensed platform services. Teladoc Health serves the world's leading insurers, employers, and health systems and helps millions of people around the world resolve their healthcare needs with confidence.