Job Description for:
Develop, revise, update and maintain Risk & Compliance policies and other written standards.
Administer and coordinate with the functional stakeholders for smooth implementation and monitoring of Risk & Compliance systems.
Review, maintain and continually improve Risk Management requirements as per Omega Healthcare Standards and industry-wide best practices.
Serve as internal Risk Management consultant to the organization. Responsible for security planning and effectively managing information security and operational risks within the operating environment.
Initiate, facilitate, and promote activities to create Risk Management awareness within the organization.
Facilitate cross-functional department SPOCs to review their policies and procedures documents and other Risk and Compliance activities.
Minimize audit observations (NCs) and ensure a good rating in external/client audits.
Ensure appropriate methodologies for various processes of Compliance systems, e.g., risk assessment, risk treatment, document classification, etc.
BCP/DR (ensure BCP/DR is in place, perform drills, reporting, etc.)
Security incident management (identify security events / incidents, conduct investigation, gather evidence, report to relevant authorities, suggest preventive measures and closures)
Qualification:
Any graduate with good communication skills
Overall IT experience of 12 to 15 years, with a minimum of 10 years in IT Security, Audit, or Compliance roles.
Knowledge or experience of regulations/standards/frameworks like ISO 27001, 9001, HIPAA, HITRUST, HITECH, SOC1/2, NIST, etc.
Certifications like ISO 27001, CISA, CISM, CRISC, PCI-DSS are an advantage.