Partners with either Health Plans or Shared Services to translate privacy, security, artificial intelligence (AI), business continuity, and related requirements from client contracts, laws, and regulations into actionable enterprise controls
Builds trusted relationships with Health Plan leadership and key stakeholders to ensure contract assurance, readiness reviews, Request for proposal (RFP) support, timely deliverable fulfillment, compliance reporting, and continuous improvement
Drives early engagement with Enterprise Privacy, Security and Risk Management (EPSRM) visibility and influence across the organization
Lead EPSRM engagement with Health Plans or Shared Services to ensure privacy, security, AI, and business continuity requirements are clearly understood, implemented, and monitored
Interpret and translate regulatory, contractual, and legal requirements into operational controls and guide stakeholders on compliance expectations
Validate and manage compliance evidence, deliverables, and audit readiness, including responses to regulators, clients, and internal/external auditors
Build and maintain strong relationships with leadership, operational teams, and regulators to remove obstacles, resolve issues, and support consistent compliance practices
Track regulatory, legislative and contract changes, assess organizational impact, and communicate required actions while supporting scalable control updates
Oversee the accuracy and completeness of privacy, security, AI, and business continuity documentation, including plans, attestations, questionnaires, and related submissions
Enhance enterprise engagement processes by driving standardized procedures, governance practices, templates, and continuous improvement efforts
Support new market entries, RFP responses, contract renewals, and business expansion by providing specialized EPSRM subject‑matter expertise
Identify risks and control gaps, recommend mitigation strategies, and contribute to improved compliance maturity across the enterprise.
Performs other duties as assigned.
Complies with all policies and standards.

Requirements

Bachelor's Degree in Information Security, Information Systems, Risk/Compliance, Business, Law, or Compliance related capabilities or equivalent experience as a paralegal required
Master's Degree in a related field preferred
Juris Doctor (JD) preferred
7+ years privacy/security, risk, or compliance within the managed care, payer/health plan industry required
5+ years identifying, analyzing, and communicating security or privacy control requirements within the context of health plan operations, processes, and systems required
Experience in assessing and interpreting contract and regulatory requirements, translating them into control-based operational capabilities, and ensuring delivery across multiple stakeholders required
Experience interpreting, implementing and ensuring compliance with State & Federal Privacy, Cybersecurity & AI laws & regulations applicable to healthcare payors and related business entities required
Licenses/Certifications: CISSP / CISM Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) Upon Hire required
Certified Information Privacy Professional (CIPP/US ), Artificial Intelligence Governance Professional (AIGP), Certified Risk and Information Systems Control (CRISC) or Certified Information Security Analyst (CISA) or equivalent preferred

Benefits

health insurance
401K and stock purchase plans
tuition reimbursement
paid time off plus holidays
flexible approach to work with remote, hybrid, field or office work schedules

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

privacysecurityartificial intelligencebusiness continuitycompliancerisk managementcontract interpretationoperational controlsaudit readinessregulatory compliance

Soft Skills

relationship buildingstakeholder engagementcommunicationproblem solvingcontinuous improvementleadershiporganizational skillscollaborationinfluenceadaptability

Certifications

CISSPCISMCIPP/USAIGPCRISCCISA