Additional Detail
Chief of Information Security & Privacy
Anticipated Starting Salary Range: $140,000 - $160,000
Starting Salary Commensurate with Qualifications and Experience
The State Corporation Commissions (SCC) Health Benefit Exchange (HBE or Exchange) Division seeks a talented people leader for a Chief of Information Security & Privacy position on its senior leadership team. The selected candidate for this position will set the vision and strategic direction of the HBEs privacy and security governance, risk and compliance programs to enable the organizations mission, and foster a culture of innovation and continuous improvement. The Chief of Information Security & Privacy will serve as: a trusted advisor to senior leadership, translating risk into business terms to enable informed decision making; a collaborative partner across the organization; and as the HBEs authority on matters of security, privacy, compliance, and risk management associated with operating Virginias Insurance Marketplace. This position offers a hybrid work schedule (some in-office and telework days each week) as well as a variety of professional development and training opportunities.
Essential functions of this position include, but are not limited to, the following:
Set direction and provide governance and oversight for security, privacy, Governance Risk and Compliance aligned to HBEs mission and priorities.
Lead, develop, and retain a high-performing InfoSec team, empowering direct reports and analysts to own operational execution.
Build and sustain working relationships across legal, business, IT operations, supplier management, program management, finance, SCC divisions, and external stakeholders including federal oversight bodies, vendors, auditors, partners, other state-based exchange counterparts.
Identify organizational, information, and supply chain risk, assess impact and likelihood, and clearly articulate risk posture and tradeoffs to leadership and governance bodies.
Serve as the HBEs Senior Information Security Officer and Privacy Officer.
Ensure organizational alignment with applicable federal and state regulatory frameworks and standards including but not limited to Center for Medicare and Medicaid Services (CMS) ARC-AMPE, Internal Revenue Service (IRS) PUB 1075, VITA SEC-530, SCC (and successors).
Establish, maintain, and evolve HBE security and privacy policies, governance frameworks, and compliance posture.
Foster security and privacy culture throughout the HBE.
Oversee InfoSec specific contract compliance including SLAs, reports, and deliverables.
Perform related work as required.
Please Note: SCC only accepts applications received through its career center site. Applications submitted through Virginia Jobs site directly will not be considered.
For more information and to apply for this position directly on the SCC Career Center website, click the Additional Detail button on this page.
To view all current SCC job openings, visit the SCC Career Center website and click the Search button under Job Search.