Manager, Information Security Compliance

 Bankers Healthcare Group - Company site
 January 5, 2022
Are you ready to join a growing team that puts a premium on productivity and has an award-winning culture, centered around transforming talented employees into effective business leaders?
Then Bankers Healthcare Group is the place for you. We offer innovative financial solutions to licensed and highly-skilled professionals, representing the best of both traditional lending and fintech, and are looking for passionate, impact players to help take our company to the next level.
At BHG, you’ll become immersed in the finance industry—with a variety of loan solutions, credit cards, patient financing, bank programs, and collections services, which have helped BHG become one of the leading providers of finance solutions.
With over 20 years in business, we have the stability of an established company with the speed and agility of a startup, where ingenuity and risk-taking are encouraged, and every employee has the opportunity to learn, grow and thrive. 
Who You Are
You are a motivated Information Security professional who is passionate about Risk. You excel at balancing risk versus reward, and have experience developing and enhancing Information Security Risk programs. You are an enthusiastic and driven individual who thrives in a fast-paced environment where you will build meaningful relationships and reduce risk to the BHG brands.

What You’ll Do

In this role, you will mature and manage the Information Security Risk Program by collaborating with multiple stakeholders to identify and mitigate risk, assign ownership, and ensure risk treatment is in accordance with BHG business initiatives and goals.

Key responsibilities include:
  • Meeting with business stakeholders to identify top information security (IS) risks.
  • Collaborating with business and Information Technology (IT) leaders to balance risk and reward, while maintaining security and compliance requirements.
  • Maturing the IS Risk Management Program by helping to define an IS risk register.
  • Enhancing the Third-Party Risk Assessment process for new and existing tools, on-premises implementations, and third parties with access to BHG information assets.
  • Reviewing and responding to red-line edits pertaining to IS requirements in vendor contracts.
  • Introducing internal application and system risk assessments aligned with BHG policies, standards, and security frameworks.
  • Evaluating risks related to policy and standard exceptions.
  • Consulting on new projects, tools, initiatives, and implementations to identify risks and ensure BHG policies, standards, and frameworks are adhered to.
  • Coordinating external company-wide IT/IS risk assessments.
  • Articulating identified risks to the business for risk treatment, mitigation, and sign-off.
  • Collaborating with the Enterprise Risk Management (ERM) team to incorporate IS Risk into the ERM program.
  • Responding to customer or other third-party inquiries related to BHG’s IS program.
  • Assisting in developing and maintaining Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for the IS Risk Program and initiatives.
  • Assisting in developing enterprise and functional team-specific presentations to promote a security mindset.
  • Assisting in implementation of automated processes and Governance, Risk, and Compliance (GRC) toolsets.
  • Managing a team of risk professionals and promoting individual career development and training.
  • Performing other duties as required.
What You’ll Need

  • Six (6) years of proven experience in the IS field or a combination of management experience in other disciplines.
  • Bachelor’s Degree, ideally in Computer Engineering, Computer Science, or Information Systems Management or equivalent work experience in the field of IS.
  • Possess current relevant certifications (e.g., CRISC, CISM, CISA, etc.). 
  • Expert knowledge of IS frameworks such as SOC 2, NIST, ISO, FISMA, etc.
  • Expert knowledge of IS risk frameworks such as OCTAVE, FAIR, ISACA Risk IT, ISO 27005, NIST 800-30, etc.
  • Knowledge of compliance requirements such as FFIEC, GLBA, SOX, CCPA, etc.
  • Problem analysis and resolution at both a strategic and functional level.
  • The ability to organize and manage multiple priorities.
  • Excellent interpersonal and communication skills.
  • Ability to translate technical requirements to business objectives.
Life at BHG
At BHG, we work hard and aren’t afraid to take risks. Since the beginning, our core values of PMA (positive mental attitude), team player and loyalty have been the driving force behind every interaction we have between each other and our customers. We have a healthy respect for the daily grind, yet we value work/life balance. We believe that all employees should have the opportunity to lead and that good ideas can come from anyone. From the top-down, our leaders are actively involved not only in strategic oversight and running the business, but also in the wellbeing and growth of all employees. We consider people our #1 asset, and help employees realize their full potential, set and exceed their goals, and explore new opportunities for personal and professional development.
Why You Should Join BHG
We strive to offer amenities, opportunities, events, and programming that support the interests of our teams, while furthering the culture that makes us Great Place to Work® certified. Some of the benefits you can expect when you join BHG include:

  • 100% coverage of monthly health insurance premiums
  • Competitive PTO and vacation policies
  • Company 401(k) plan with employer contributions after one year
  • On-site gym access and memberships, with personal trainers, and certified nutritionists on staff
  • Company-sponsored training and certification opportunities
  • Monthly award ceremonies where top achievers are celebrated and receive additional bonuses
  • Ongoing volunteer opportunities to give back to the community through our BHG Cares program

If you’re ready for a career where you can exercise your passions, be surrounded by co-workers who are relentlessly committed to service, and have a team-player mindset, apply today!
** All remote employees at Bankers Healthcare Group are required to work within the United States of America.
Bankers Healthcare Group is committed to equal treatment and opportunity in all aspects of recruitment, selection, and employment without regard to gender, race, religion, national origin, ethnicity, disability, gender identity/expression, sexual orientation, veteran or military status, or any other category protected under the law. Bankers Healthcare Group is an equal opportunity employer, committed to a community of inclusion, and an environment free from discrimination, harassment, and retaliation.