Director, Technology - Risk & Compliance

Date: Jun 1, 2022

Location: Rancho Cucamonga, CA, US

Company: Inland Empire Health Plans

Job Requisition ID: 6615 


Position Summary/Position


The Director Technology – Risk & Compliance will be reporting to the CIO, and lead IEHP’s security posture strategy and oversee and coordinate global security efforts across IEHP.  In collaboration with the CIO, IT Operations and Applications leaders, you’ll develop or evolve the policies and processes required to protect the confidentiality, integrity, and availability of information for IEHP and our partners, while ensuring compliance with industry laws, regulations, and regulatory guidance.
The Director Technology – Risk and Compliance is responsible for:
- Leading the security organization’s structure, technology investments, and processes to manage risk effectively, while remaining current with the evolving threat landscape. 
- Establishing security policies, controls, cyber incident response plans, security audit processes and reporting. You will provide oversight as to best security practices in software architecture and in selecting technology partners
- Advising to leadership regarding information security and the utilization of information risk management and practices.

Major Functions (Duties and Responsibilities)


Strategy & Governance 
1. Develop, implement, and communicate information security, policies, standards, and procedures that support the overall goals and strategic plans.
2. Provide leadership and direction across the Information Technology teams to instill practices that keep member and organizational data secure. Ensure confidentiality and security of data, proprietary information, and intellectual property.
3. Assist in developing and owning the strategic execution of the metrics and accountability programs, including SLAs, threat defense, and both operational and project-level KPIs.
Leadership & Management 
4. Build a proactive, security-responsible culture; establish communications and trainings to propagate cyber security policies and procedures throughout the organization
5. Develop partnerships with IT Leaders and co-develop Security roadmap to support IEHP’s achievement of its mission.
6. Manage the daily operations for Security Operations Center, secure development lifecycle, and governance functions across on-premise, hybrid cloud, and cloud capabilities.
7. Responsible for effective maintenance and ongoing development of the IT Incident Response Plan. Effectively coordinate technical and business unit staff as necessary.
8. Provide briefings to the IEHP executive team on security status, risks, and incident response.
9. Provide guidance on and approve identity and access policies and systems; perform periodic security audits.
10. Ensure that cyber incident response, disaster recovery and business continuity plans are in place and tested.
11. Manage and contain information security incidents and events to protect corporate IT assets, intellectual property, regulated data, and the IEHP’s reputation.
12. Work closely with IEHP’s IT and Business leaders to ensure the delivery of major strategic initiatives on schedule, and within budget.
13. Responsible for the supervision and development of reporting manager(s), including development of their supervisory and leadership skills, goal setting and attainment, decision making, communication, and project management abilities.
Vendor Management
14. Vendor management and Governance.
15. Periodic performance review by defining meaningful metrics.
16. Oversee, negotiate, and evaluate successful relationships with vendors, contractors, and service providers.

Supervisory Responsibilities

Leader: Administers Hires, Terminations, and Performance Reviews

Experience Qualifications


A minimum of ten (10) years of information systems experience at a leadership level including a minimum of eight (8) years of successful track record of:
­- Security Expert with executive management responsibilities and digital transformation leadership
­- Proven track record implementing the following programs: incident response, threat intelligence, DLP/DR/BCP, IAM, information privacy, SOC management, security architecture, security policy/advocacy and risk assessments
­- Developing and managing risk-based security programs leveraging a wide variety of cyber security technologies.

Education Qualifications


Bachelor’s degree in Computer Science, Information Management or similar technical field from an accredited institution required. 

Professional Certification


Industry certification of CISSP or equivalent.

Drivers License Required

Yes, must have a valid California Driver's License.

Knowledge Requirement


Knowledge of:
­- IT Strategy planning, IT Methodologies/Processes, cloud and digital technologies, scalable architectures, automation technologies.
- Current business practices and computing systems, IT development methodologies and operations.
- Program and project management and planning, process mapping, and budget management.
- Vendor and partner management. 
Strong understanding of:
­- Healthcare issues, information systems, management issues, and current trends.
­- Conceptualizing business strategies while implementing information systems and technology strategic direction.

Skills Requirement


- Strong planning, organization, critical thinking, decision-making and communication (verbal and written) skills. 
- Budget management skills. Proven skills in budget preparation fiscal management.
- Group presentation, leadership, team building, analytical and organizational skills.

Abilities Requirement


Proven ability to:
- Be a leader with a hands-on approach in a complex fast-paced business environment.
- Present issues and challenges in senior management forums.
- Work with a team of professionals from various disciplines. 
- Lead through times of change, disruption, and growth.
- Recruit, motivate and manage IT staff members.

Commitment to Team Culture


The IEHP Team environment requires a Team Member to participate in the IEHP Team Culture. A Team Member demonstrates support of the Culture by developing professional and effective working relationships that include elements of respect and cooperation with Team Members, Members and associates outside of our organization.

Physical Requirements

Keyboarding: Traditional - FREQUENTLY
Keyboarding: 10-Key - FREQUENTLY
Keyboarding: Other - FREQUENTLY
Hearing: One-on-One - FREQUENTLY
Communicate: Information/ideas verbally - FREQUENTLY
Near Visual Acuity - FREQUENTLY
Regular contacts: co-workers, supervisor - FREQUENTLY
Understand and follow direction - FREQUENTLY
Regular and reliable attendance - CONSTANTLY


Starting Salary: [[ 168,579.01 ]]  - [[ 223,368.29 ]]  

Pay rate will commensurate with experience


Inland Empire Health Plan (IEHP) is the largest not-for-profit Medi-Cal and Medicare health plan in the Inland Empire. We are also one of the largest employers in the region. With a provider network of more than 6,000 and a team of more than 2,000 employees, IEHP provides quality, accessible healthcare services to more than 1.2 million members. And our mission and core values help guide us in the development of innovative programs and the creation of an award winning workplace. As the healthcare landscape is transformed, we’re ready to make a difference today and in the years to come. Join our Team and Make a Difference with us! IEHP offers a Competitive salary and a benefit package with a value estimated at 35% of the annual salary, including medical, dental, vision, team bonus, and retirement plan.


Nearest Major Market: Riverside
Nearest Secondary Market: Los Angeles