3,506 Risk Compliance jobs in the United States

**Company :**
Highmark Health
**Job Description :**
**JOB SUMMARY**
This job works collaboratively to support of all risk and compliance assessment activities of Highmark Health across a broad range of frameworks including NIST, HITRUST, PCI, HIPAA, SOC, MAR, CMS, JCAHO, etc. The incumbent will partner with the organizational risk and business partners, the technology organization, and global delivery teams to meet Highmark Health's mission requirements in a manner consistent with the enterprise risk appetite. This individual must have a proactive mindset and approach, and feel comfortable working in a highly matrixed environment.
**ESSENTIAL RESPONSIBILITIES**
+ Completes assessment activities according to the appropriate framework, including but not limited to NIST, HITRUST, PCI, HIPAA, SOC, MAR, CMS, JCAHO, in order to identify, assess, prioritize, evaluate and address compliance, financial, information security, privacy, and other areas of risk. Prepares draft reports and other management reporting deliverables.Prepares all work paper and supporting documentation evidence according to audit quality standards in a consistent manner.
+ Schedules, delivers, and follows-upto ensure risk questionnaires and other risk assessments are completed timely in order to ensure compliance requirements are met across the Enterprise.Assists in training and mentoring less experienced team members on multi-faceted engagements, platform customer dependencies, and assists with the review and interpretation of less-complex authoritative guidance.
+ Delivers risk assessments to internal and external contacts.Assists with the review of inherent risk assessment results and the stratification of engagement risks, and assists with the development of assurance plans (e.g., on-site audit, contract review, financials assessment, purchasing data analysis) to address relevant risk areas and to ensure proper controls are implemented.Reviews and interprets information provided(including, but not limited toNIST, HITRUST, PCI, HIPAA, SOC, MAR, CMS, JCAHO reports) and assists with performing qualitative and quantitative impact assessments based on physical, technical, and administrative safeguards as well as contractual requirements; conducts additional information gathering and risk assessments with external points of contact, as-needed; documents and reports results.
+ Documents and interprets complex data flow/ information sharing activities, customer integrations, and information safeguards into simplified and high-level terminology and/or process/data flows.Assists with maintaining enterprise supplier risk management reporting dashboards in RSA Archerapplications in order to keep information complete, accurate, and current.Prepares and assists with the delivery of risk assurance reports to management.
+ Assists with preparation of project plans to support risk assessment and risk decisioning processes in coordination with business owners and other stakeholders within task-based budgets.Collaborates with Information Security, Privacy, Procurement, Audit, Compliance, and other teams across the enterprise to align risk management objectives, practices and procedures.
+ Maintains departmental desk-level procedures, assessment methodology, assessment procedures, questionnaires, training, etc.Reviews and documents activities which demonstrate and support compliance with departmental metrics, performance of internal control activities, awareness of contractual obligations, regulatory requirements, and assistance with responding to customer inquiries / audits.
+ Interfaces with business areas, technical staff, project teams, and third parties to execute cross-functional risk assurance projects. Prepares materials to support communication of assessment results and findings with multiple stakeholder groups.
+ Assists with providing input and consultation on risk and assurance requirements.Consults with other areas (e.g., Procurement, Privacy, Information Security, Legal) throughout the engagement lifecycle along with internal business and contract administration partners.Assists in contract reviews and providing timely feedback on contract terms and conditions.
+ Other duties as assigned or requested.
**EDUCATION**
**Required**
+ Bachelor's Degree in Accounting, Finance, Business Administration/Management, Information Technology, Pre-Law, or related field
**Substitution** **s**
+ 6 years of related and progressive experience in lieu of Bachelor's degree
**Preferred**
+ Master's Degree in Accounting, Finance, Business Administration/Management, Information Technology, Pre-Law, or related field
**EXPERIENCE**
**Required**
+ 1 year in Audit and Compliance
To Include:
+ 1 year in Business Process Design
+ 1 year in Project Management
**Preferred**
+ None
**LICENSES or CERTIFICATIONS**
**Required**
+ None
**Preferred** (any of the following)
+ Certified Public Accountant (CPA)
+ Certified Information Systems Analyst (CISA)
+ Certified Information Privacy Professional (CIPP)
+ Certified Information Systems Security Professional (CISSP)
**SKILLS**
+ Demonstrate expert knowledge of business and technology processes, risk and control frameworks, and assessment methodologies, particularly as applied to healthcare (payer and provider) business processes.
+ Knowledge of relevant regulatory guidelines, vendor management, sourcing and procurement, and completing assessments of vendors
+ Excellent resource and project planning capabilities, decision making skills, history of results-oriented delivery, and effective team building across a cross-campus and diverse team of management and staff.
+ Strong written and verbal communication skills for diverse audiences (senior management, board, peer, and team).
+ Strong relationship building skills and ability to influence with and without authority in a matrixed organization.
+ Leadership qualities with an ability to motivate and inspire a group of individuals to achieve superior results.
+ High capacity to think analytically, interpret information / observations, apply judgment and make effective, strategic decisions.
**Language (Other than English):**
None
**Travel Requirement:**
0% - 25%
**PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS**
**Position Type**
Office-based
Teaches / trains others regularly
Occasionally
Travel regularly from the office to various work sites or from site-to-site
Rarely
Works primarily out-of-the office selling products/services (sales employees)
Never
Physical work site required
Yes
Lifting: up to 10 pounds
Constantly
Lifting: 10 to 25 pounds
Occasionally
Lifting: 25 to 50 pounds
Rarely
**_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._
**_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._
_As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._
_Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law.
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below.
For accommodation requests, please contact HR Services Online at
California Consumer Privacy Act Employees, Contractors, and Applicants Notice
Req ID: J

**Company :**
Highmark Health
**Job Description :**
**JOB SUMMARY**
This job works collaboratively to support of all risk and compliance assessment activities of Highmark Health across a broad range of frameworks including NIST, HITRUST, PCI, HIPAA, SOC, MAR, CMS, JCAHO, etc. The incumbent will partner with the organizational risk and business partners, the technology organization, and global delivery teams to meet Highmark Health's mission requirements in a manner consistent with the enterprise risk appetite. This individual must have a proactive mindset and approach, and feel comfortable working in a highly matrixed environment.
**ESSENTIAL RESPONSIBILITIES**
+ Completes assessment activities according to the appropriate framework, including but not limited to NIST, HITRUST, PCI, HIPAA, SOC, MAR, CMS, JCAHO, in order to identify, assess, prioritize, evaluate and address compliance, financial, information security, privacy, and other areas of risk. Prepares draft reports and other management reporting deliverables.Prepares all work paper and supporting documentation evidence according to audit quality standards in a consistent manner.
+ Schedules, delivers, and follows-upto ensure risk questionnaires and other risk assessments are completed timely in order to ensure compliance requirements are met across the Enterprise.Assists in training and mentoring less experienced team members on multi-faceted engagements, platform customer dependencies, and assists with the review and interpretation of less-complex authoritative guidance.
+ Delivers risk assessments to internal and external contacts.Assists with the review of inherent risk assessment results and the stratification of engagement risks, and assists with the development of assurance plans (e.g., on-site audit, contract review, financials assessment, purchasing data analysis) to address relevant risk areas and to ensure proper controls are implemented.Reviews and interprets information provided(including, but not limited toNIST, HITRUST, PCI, HIPAA, SOC, MAR, CMS, JCAHO reports) and assists with performing qualitative and quantitative impact assessments based on physical, technical, and administrative safeguards as well as contractual requirements; conducts additional information gathering and risk assessments with external points of contact, as-needed; documents and reports results.
+ Documents and interprets complex data flow/ information sharing activities, customer integrations, and information safeguards into simplified and high-level terminology and/or process/data flows.Assists with maintaining enterprise supplier risk management reporting dashboards in RSA Archerapplications in order to keep information complete, accurate, and current.Prepares and assists with the delivery of risk assurance reports to management.
+ Assists with preparation of project plans to support risk assessment and risk decisioning processes in coordination with business owners and other stakeholders within task-based budgets.Collaborates with Information Security, Privacy, Procurement, Audit, Compliance, and other teams across the enterprise to align risk management objectives, practices and procedures.
+ Maintains departmental desk-level procedures, assessment methodology, assessment procedures, questionnaires, training, etc.Reviews and documents activities which demonstrate and support compliance with departmental metrics, performance of internal control activities, awareness of contractual obligations, regulatory requirements, and assistance with responding to customer inquiries / audits.
+ Interfaces with business areas, technical staff, project teams, and third parties to execute cross-functional risk assurance projects. Prepares materials to support communication of assessment results and findings with multiple stakeholder groups.
+ Assists with providing input and consultation on risk and assurance requirements.Consults with other areas (e.g., Procurement, Privacy, Information Security, Legal) throughout the engagement lifecycle along with internal business and contract administration partners.Assists in contract reviews and providing timely feedback on contract terms and conditions.
+ Other duties as assigned or requested.
**EDUCATION**
**Required**
+ Bachelor's Degree in Accounting, Finance, Business Administration/Management, Information Technology, Pre-Law, or related field
**Substitution** **s**
+ 6 years of related and progressive experience in lieu of Bachelor's degree
**Preferred**
+ Master's Degree in Accounting, Finance, Business Administration/Management, Information Technology, Pre-Law, or related field
**EXPERIENCE**
**Required**
+ 1 year in Audit and Compliance
To Include:
+ 1 year in Business Process Design
+ 1 year in Project Management
**Preferred**
+ None
**LICENSES or CERTIFICATIONS**
**Required**
+ None
**Preferred** (any of the following)
+ Certified Public Accountant (CPA)
+ Certified Information Systems Analyst (CISA)
+ Certified Information Privacy Professional (CIPP)
+ Certified Information Systems Security Professional (CISSP)
**SKILLS**
+ Demonstrate expert knowledge of business and technology processes, risk and control frameworks, and assessment methodologies, particularly as applied to healthcare (payer and provider) business processes.
+ Knowledge of relevant regulatory guidelines, vendor management, sourcing and procurement, and completing assessments of vendors
+ Excellent resource and project planning capabilities, decision making skills, history of results-oriented delivery, and effective team building across a cross-campus and diverse team of management and staff.
+ Strong written and verbal communication skills for diverse audiences (senior management, board, peer, and team).
+ Strong relationship building skills and ability to influence with and without authority in a matrixed organization.
+ Leadership qualities with an ability to motivate and inspire a group of individuals to achieve superior results.
+ High capacity to think analytically, interpret information / observations, apply judgment and make effective, strategic decisions.
**Language (Other than English):**
None
**Travel Requirement:**
0% - 25%
**PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS**
**Position Type**
Office-based
Teaches / trains others regularly
Occasionally
Travel regularly from the office to various work sites or from site-to-site
Rarely
Works primarily out-of-the office selling products/services (sales employees)
Never
Physical work site required
Yes
Lifting: up to 10 pounds
Constantly
Lifting: 10 to 25 pounds
Occasionally
Lifting: 25 to 50 pounds
Rarely
**_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._
**_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._
_As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._
_Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law.
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below.
For accommodation requests, please contact HR Services Online at
California Consumer Privacy Act Employees, Contractors, and Applicants Notice
Req ID: J

Description
About Reserv

Reserv is an insurtech creating and incubating cutting-edge AI and automation technology to bring efficiency and simplicity to claims. Founded by insurtech veterans with deep experience in SaaS and digital claims, Reserv is venture-backed by Bain Capital and Altai Ventures and began operations in May 2022. We are focused on automating highly manual tasks to tackle long-standing problems in claims and set a new standard for TPAs, insurance technology providers, and adjusters alike.

We have ambitious (but attainable!) goals and need adjusters who can work in an evolving environment. If building a leading TPA and the prospect of tackling the long-standing challenges of the claims role sounds exciting, we can't wait to meet you.
About the role

The Reserv Licensing Compliance Analyst will act as a central point of contact for all things related to adjuster licensing and compliance, ensuring that the organization operates within legal and ethical boundaries.The Reserv Licensing Compliance Analyst will oversee and execute the process of ensuring that our adjusters are properly licensed and compliant with all relevant regulations. This includes developing and implementing licensing strategies, managing the application and renewal process, and staying abreast of changes in licensing laws and regulations. They will also play a key role in educating staff and stakeholders on licensing requirements and ensuring the organization meets all compliance obligations.

Who you are

• Highly motivated and growth-oriented
• Subject matter expert. You have deep technical and subject matter experience in the world of commercial transportation claims, including coverage and litigation.
• Experienced in reviewing and analyzing contracts
• Tech-oriented. You are excited by the prospect of building a tech-driven claims organization while delivering an excellent service and have proven results leveraging technology and analytics
• Passionate professional who cares about their team, the customer, and their experience
• Empathetic peer leader. You exercise empathy and patience towards everyone you interact with
• Sense of urgency - at all times. That does not mean working at all hours.
• Creative. You challenge existing assumptions and find ways of leveraging technology and the talents of your team to address problems
• Curious. You want to know the whole story so you can make the right decisions early and be decisive when it counts.
• Problem solver. You have the ability to take a 'deep dive' into the details of the business while staying focused on the big picture
• Anti-status quo. You don't just wish things were done differently, you action on it
• Communicative. You are comfortable with and understand the importance of phone communications throughout the claims process
• And did we mention, a sense of humor. Claims are hard enough as it is.

What we need

We need you to do all the things typical to the role:

• Licensing Management : Oversee the adjuster licensing process, from initial application to renewal, ensuring all adjusters are properly licensed in the relevant
• states.
• Regulatory Compliance : Monitor and interpret changes in insurance regulations related to adjuster licensing and ensure the organization adapts its practices accordingly
• Policy and Procedure Development : Create, implement, and maintain policies and procedures related to adjuster licensing and compliance.
• Training and Education : Educate claims staff, adjusters, and other stakeholders on licensing requirements, compliance procedures, and best practices.
• Communication and Collaboration : Maintain open communication with regulators, internal teams, and external partners regarding licensing and compliance matters.
• Risk Management : Identify and assess and mitigate potential risks related to licensing and compliance and develop strategies to mitigate those risks.
• Monitoring and Reporting : Track licensing deadlines, manage compliance reporting, and provide regular updates on licensing and compliance status.

Requirements

• 2 years' experience in license management: In-depth understanding of insurance laws and regulations, particularly those related to adjuster licensing.
• Proven experience with the adjuster licensing process, including applications, renewals, and continuing education requirements.
• Bachelor's degree preferred
• Proven ability to develop and implement compliance programs and procedures.
• Excellent communication skills (written and verbal) for interacting with regulators, staff, and other stakeholders.
• Ability to analyze complex situations, identify potential issues, and develop effective solutions.
• Meticulous attention to detail is crucial for ensuring accuracy and compliance
• Ability to manage multiple tasks, prioritize effectively, and meet deadlines.
• May be required to lead a team or work collaboratively with other departments.

Benefits

• Generous health-insurance package with nationwide coverage, vision, & dental
• 401(k) retirement plan with employer matching
• Competitive PTO policy - we want our employees fresh, healthy, happy, and energized!
• Generous family leave policy
• Work from anywhere to facilitate your work life balance
• Apple laptop, large second monitor, and other quality-of-life equipment you may want. Technology is something that should make your life easier, not harder!

Additionally, we will

• Listen to your feedback to enhance and improve upon the long-standing challenges of an adjuster and the claims role
• Work toward reducing and eliminating all the administrative work from an adjuster role
• Foster a culture of empathy, transparency, and empowerment in a remote-first environment

At Reserv, we value diversity in backgrounds, perspectives, and life experiences and believe that diversity in viewpoints and critical thinking drives innovation, first-principles thinking, and success. We welcome applicants from all backgrounds and encourage those from all walks of life to apply. If you believe you are a good fit for this role, we would love to hear from you!

Get notified about new Compliance Supervisor jobs in United States .

25,000+ Compliance Supervisor Jobs in United States

• Compliance Officer - Compliance Risk Assessment - VP
• Sr. Compliance Manager (Relocation to Canada)
• Manager, Global Payment Operations and Compliance
• Senior Manager, Privacy Compliance Assurance
• Supervisor - DOT Compliance -
• Regional Compliance Manager - Express Operations
• Assistant Chief Safety & Compliance Officer
• Senior Manager, Process and Compliance (Finished Goods)
• Compliance Officer - Financial Crimes Oversight & Risk Assessment (Remote)

#J-18808-Ljbffr

Role Title: Data Analyst - Risk & Compliance

Location: Onsite - Mountain View, CA / Charlotte, NC

Experience Requested: 4-6 Years

Job Description

We are seeking a skilled Data Analyst with expertise in SQL and Tableau to join our team. The ideal candidate will be responsible for analyzing large datasets, identifying insights, and translating them into risk mitigation strategies and business opportunities. The role involves designing and scaling risk processes to address complex compliance challenges within a rapidly expanding user base.

Key Responsibilities

• Analyze and research large datasets to uncover trends, risks, and opportunities.
• Translate data insights into actionable business and compliance requirements.
• Design, implement, and scale risk processes to address evolving compliance risks.
• Develop interactive dashboards and reports using Tableau for risk and compliance monitoring.
• Partner with cross-functional stakeholders to support data-driven decision-making.
• Ensure data accuracy, consistency, and reliability in all reporting activities.

Required Skills & Qualifications

• 4-6 years of professional experience as a Data Analyst or in a similar role.
• Strong proficiency in SQL for querying and manipulating large datasets.
• Hands-on experience with Tableau (or similar BI tools) for data visualization and reporting.
• Solid analytical skills with the ability to interpret complex data and present insights clearly.
• Experience working with compliance, risk management, or regulatory-related datasets is a plus.
• Excellent communication and collaboration skills to work effectively with technical and non-technical teams.

Description

This position is responsible for supporting and assisting the Fiduciary Risk Manager in the execution of compliance and risk management activities in MidFirst Private Wealth Management. This role will also be responsible for supporting the business unit via the execution and monitoring of certain internal controls, as well as preparing and managing certain reports and supporting materials for internal governance committees.

Principal duties include:

• Gain and maintain understanding of applicable risks by performing walkthroughs of business processes and internal controls
• Manage/refresh activities, processes, controls and risk ratings on the Trust Department Risk Assessment
• Identify test populations, generate testing samples, and perform quality control testing of key controls
• Prepare summary reports of quality control testing results and recommendations
• Monitor and report on department Key Risk Indicators (KRIs)
• Liaison with internal audit, OCC and other regulatory personnel
• Assist with developing, updating and managing fiduciary risk management policies and procedures
• Prepare periodic management/governance committee reports

Position Requirements:

• Associate's Degree or greater required
• Minimum of 5 years banking or related industry experience, preferably in wealth management
• Strong analytical skills, e.g. the ability to problem solve, conduct reviews and analyze data, locate its source, and develop and recommend solutions
• Proficiency in Microsoft Office products and able to quickly learn/navigate various internal systems
• Heightened skill within Excel, using pivot tables, graphs, charts, and data analytics
• Ability to establish and maintain harmonious working relationships with co-workers and other business units
• Strong work ethic, independent initiative, and interpersonal skills

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

This employer is required to notify all applicants of their rights pursuant to federal employment laws.
For further information, please review the Know Your Rights notice from the Department of Labor.

**Summary:**
We are looking for a HR Risk and Compliance leader to join our evolving People Risk, Privacy and Compliance Program within The person will lead a team of risk and compliance professionals that work to enable Meta's People experiences, products and programs compliance in line with our global regulatory obligations. This leader will be responsible for a portfolio of risk management programs including monitoring, testing and risk assessment. This role requires developing a team of risk professionals and establishing key partnerships to identify, measure and manage risks associated within their environments. The ideal person will have proven compliance risk management skills, people management including organizational strategy and design, be self-motivated, and have a collaborative and positive attitude.
**Required Skills:**
Director, People Risk & Compliance Responsibilities:
1. Guide the design, build and execution of industry leading compliance programs in an AI first technology environment.
2. Steer compliance and operational risk assessments with key stakeholders and leaders across our HR, Legal and Engineering partners.
3. Engage the organization and cross-functional partners from Employment Legal, Privacy, Finance and Facilities regarding program initiatives related to monitoring, testing, assessing our compliance posture.
4. Recommend the process for determining appropriate risk appetite and tolerance across our compliance programs.
5. Present prepared reports of identified and assessed risks internally with HR Leadership to drive strategic investments in our operations impacting compliance.
6. Providing thought partnership, risk analytics, and recommendations around remediation, risk mitigation, or process improvement to risk owners, Compliance or other control-related functions, as well as Leadership.
7. Consult and coordinate with compliance on the creation and monitoring of risk mitigation or treatment plans.
8. Manage relationships both internal and external to the People Operations and Meta People Group.
9. Exercise excellent people skills, be a team player with a bias to action.
10. Be motivated by the opportunity to solve privacy problems within an operations environment
**Minimum Qualifications:**
Minimum Qualifications:
11. 15+ years experience in the area of risk management, audit and governance in an information technology environment
12. Bachelor's degree in Risk Management, Law, Information Systems, Business or another related field of study
13. Experience in designing, building and scaling risk processes, with experience getting things done and overcoming obstacles
14. Experience influencing senior level stakeholders -including "roll-up the sleeves" type of collaboration within a diverse, global, cross-functional team
15. Analytical and problem-solving experience with large-scale systems, and experience interpreting bottlenecks in complex systems and partnering with teams to resolve architectural issues, with experience adapting to new technology and participating in design discussions
16. Knowledge of Product Development Life Cycles (PDLC)
17. Experience in end-to-end strategy to implementation, navigating business structures while maintaining confidentiality and discretion
**Preferred Qualifications:**
Preferred Qualifications:
18. Have working knowledge or willingness to quickly learn the content and requirements of various laws, regulations, industry guidance, and company compliance policies, particularly related to HR, Privacy, data disclosure, and cybersecurity
19. Demonstrate data analytical skills, creativity, and experience working with attention to detail
20. Experience maintaining open, candid, and trusting work relationships
**Public Compensation:**
$230,000/year to $296,000/year + bonus + equity + benefits
**Industry:** Internet
**Equal Opportunity:**
Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment.
Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at

**Company :**
Highmark Health
**Job Description :**
**JOB SUMMARY**
This job works collaboratively to support of all risk and compliance assessment activities of Highmark Health across a broad range of frameworks including NIST, HITRUST, PCI, HIPAA, SOC, MAR, CMS, JCAHO, etc. The incumbent will partner with the organizational risk and business partners, the technology organization, and global delivery teams to meet Highmark Health's mission requirements in a manner consistent with the enterprise risk appetite. This individual must have a proactive mindset and approach, and feel comfortable working in a highly matrixed environment.
**ESSENTIAL RESPONSIBILITIES**
+ Plan and conduct risk assessment activities according to the appropriate framework, including but not limited to NIST, HITRUST, PCI, HIPAA, SOC, MAR, CMS, JCAHO, in order to identify, assess, prioritize, evaluate and address financial, information security, privacy, and other areas of risk.Prepare draft reports and other management reporting deliverables.Review all work prepared by less experienced team members to ensure audit quality standards are consistently met in all forms of documentation.
+ Review and interpret inherent risk assessment results, engagement risks, and developassurance plans (e.g., on-site audit, contract review, financials assessment, purchasing data analysis) to address relevant risk areas and to ensure proper controls are implemented.Accountable for the review and interpretation of authoritative guidance (including, but not limited to NIST, HITRUST, PCI, HIPAA, SOC, MAR, CMS, JCAHO reports) and performs qualitative and quantitative impact assessments based on physical, technical, and administrative safeguards as well as contractual requirements; conducts additional information gathering and risk assessments as-needed; documents and reports results.
+ Lead development of project plans to support risk assessment and decisioning in coordination with business owners and other stakeholders within task-based budgets.Collaborate and communicate with Information Security, Privacy, Procurement, Audit, Compliance, and other teams across the Enterprise to align risk management objectives, practices and procedures.
+ Interface with business areas, technical staff, project teams, and third parties to execute cross-functional risk assurance projects. Lead the communication of assessment results and findings with multiple stakeholder groups and provides consultation and direction throughout.
+ Interpret complex data flow/ information sharing activities, customer integrations, and information safeguards into simplified and high-level terminology and/or process/data flows.Maintains risk management reporting dashboards in RSA Archer applications in order to keep information complete, accurate, and current.Prepare and assist with the delivery of risk assurance reports to management.
+ Ensure risk questionnaires and other risk assessments are distributed and completed on-time and prepares initial impact assessments.Ensure compliance requirements are met across the Enterprise.Assist in training and mentoring team members on multi-faceted engagements, platform customer dependencies, and interpretation of complex contract agreements.
+ Collaborate with lead in providing input and consultation on risk and assurance reporting.Collaborate and consult with other areas (e.g., Procurement, Privacy, Information Security, Legal) throughout the engagement lifecycleAssist in providing timely feedback on interpretations regarding authoritative guidance.
+ Proactively reviews updates made to departmental desk-level procedures, risk assessment methodology, assessment procedures, questionnaires, training, etc. and is responsible for monitoring compliance with departmental metrics, internal control activities, contractual obligations, regulatory requirements, and responding to customer inquiries / audits.
+ Other duties as assigned or requested
**EDUCATION**
**Required**
+ Bachelor's Degree in Accounting, Finance, Business Administration/Management, Information Technology, Pre-Law, or related field
**Substitution** **s**
+ 6 years of related and progressive experience in lieu of Bachelor's degree
**Preferred**
+ Master's Degree in Accounting, Finance, Business Administration/Management, Information Technology, Pre-Law, or related field
**EXPERIENCE**
**Required**
+ 5 years in Audit and Compliance
To Include:
+ 3 years of Business Process Design
+ 3 years of Project Management

**Preferred**
+ None
**LICENSES or CERTIFICATIONS**
**Required**
+ None
**Preferred** (any of the following)
+ Certified Public Accountant (CPA)
+ Certified Information Systems Analyst (CISA)
+ Certified Information Privacy Professional (CIPP)
+ Certified Information Systems Security Professional (CISSP)
**SKILLS**
+ Demonstrate expert knowledge of business and technology processes, risk and control frameworks, and assessment methodologies, particularly as applied to healthcare (payer and provider) business processes.
+ Knowledge of relevant regulatory guidelines, vendor management, sourcing and procurement, and completing assessments of vendors
+ Excellent resource and project planning capabilities, decision making skills, history of results-oriented delivery, and effective team building across a cross-campus and diverse team of management and staff.
+ Strong written and verbal communication skills for diverse audiences (senior management, board, peer, and team).
+ Strong relationship building skills and ability to influence with and without authority in a matrixed organization.
+ Leadership qualities with an ability to motivate and inspire a group of individuals to achieve superior results.
+ High capacity to think analytically, interpret information / observations, apply judgment and make effective, strategic decisions.
**Language (Other than English):**
None
**Travel Requirement:**
0% - 25%
**PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS**
**Position Type**
Office-based
Teaches / trains others regularly
Occasionally
Travel regularly from the office to various work sites or from site-to-site
Rarely
Works primarily out-of-the office selling products/services (sales employees)
Never
Physical work site required
Yes
Lifting: up to 10 pounds
Constantly
Lifting: 10 to 25 pounds
Occasionally
Lifting: 25 to 50 pounds
Rarely
**_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._
**_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._
_As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._
_Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law.
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below.
For accommodation requests, please contact HR Services Online at
California Consumer Privacy Act Employees, Contractors, and Applicants Notice
Req ID: J

Our client, a prominent financial institution, is looking for a highly experienced Senior Risk & Compliance Manager to join their esteemed team in Boston, Massachusetts, US . This role offers a flexible hybrid work arrangement, combining the benefits of in-office collaboration with the convenience of remote work. The successful candidate will be responsible for developing, implementing, and overseeing comprehensive risk management strategies and ensuring adherence to all relevant regulatory requirements. You will play a pivotal role in safeguarding the organization's assets and reputation. Responsibilities include:

• Developing and implementing robust risk management frameworks and policies across the organization.
• Identifying, assessing, and prioritizing potential risks (operational, financial, strategic, compliance, etc.).
• Designing and executing compliance programs to ensure adherence to all applicable laws, regulations, and industry standards.
• Conducting regular risk assessments, internal audits, and gap analyses.
• Developing and delivering risk management and compliance training to employees at all levels.
• Monitoring regulatory changes and implementing necessary adjustments to policies and procedures.
• Investigating and resolving compliance issues and incidents.
• Preparing comprehensive reports for senior management and regulatory bodies.
• Collaborating with legal, audit, and operational departments to ensure integrated risk management.
• Staying abreast of industry best practices in risk management and corporate governance.

Qualifications:

• Bachelor's degree in Finance, Law, Business Administration, or a related field. Master's degree or relevant professional certifications (e.g., CRISC, CISA, CCEP) are highly desirable.
• A minimum of 7 years of experience in risk management, compliance, or internal audit within the financial services sector.
• In-depth knowledge of relevant financial regulations (e.g., SEC, FINRA, BSA/AML).
• Proven experience in developing and implementing risk assessment methodologies and compliance programs.
• Strong analytical, problem-solving, and decision-making skills.
• Excellent written and verbal communication skills, with the ability to present complex information clearly and concisely.
• Demonstrated leadership abilities and experience managing cross-functional projects.
• Proficiency in risk management software and tools.
• High level of integrity, ethical conduct, and attention to detail.
• Ability to work effectively in a dynamic and demanding environment.

This is a challenging and rewarding opportunity for a seasoned professional to contribute significantly to the stability and integrity of a leading financial organization. We are looking for an individual with a proactive approach and a deep understanding of the regulatory landscape.