Senior Manager --- IT Risk Management
Posted on Feb 15, 2020 by Change Healthcare
As one of the largest healthcare technology companies in the U.S., we are a catalyst to accelerate the journey toward improved lives and healthier communities.Here at Change Healthcare, we're using our influence to drive positive changes across the industry, and we want motivated and passionate people like you to help us continue to bring new and innovative ideas to life.
If you're ready to embrace your passion and do what you love with a company that's committed to supporting your future, then you belong at Change Healthcare.
Pursue purpose. Champion innovation. Earn trust. Be agile. Include all.
Empower Your Future. Make a Difference.
Responsibilities include, but are not limited to, business development, research, marketing, networking, and contract management. The senior manager, working collaboratively with the Practice Director, Operations, and Sales Departments, will assist with sales, recruitment/staffing, and client engagement efforts for their area(s) of responsibility. In addition, he or she will be responsible for delivery of security services to the IT Risk Management clients.
Remote/Telecommuter position. Requires 80% overnight travel
- Assist the Practice Director to define and lead the practice area's respective strategy
- Promote the use of engagement standards to drive consistency and quality and ensure engagements are run the CHC way
- Assist in Developing a culture of Integrity, Dependability, Excellence, Action Orientation, Levity, and Sales Focus throughout the practice area while maintaining high morale by contributing to an effective, positive work environment
- Maintain a collaborative environment in which all practice participants interact and share ideas to deliver extraordinary value to our clients
- Assist with sales forecasting, planning, and budgeting processes used within the practice area
- Works collaboratively with the Operations Department to recruit, hire, and retain the industry's top consultants
- Manage, mentor and develop staff; create career paths and motivate team members toward perpetual professional growth
- Proactively seeks out additional consultants for hire
- Keeps up to date with industry trends and proactively adjusts practice area's strategy to best capitalize on emerging opportunities
- Proactively seeks new opportunities for sales; be a catalyst for growth and expansion
- Drive proposal and RFP responses by actively leading the effort to draft, review and finalize submissions.
- Prioritize opportunities and targets to have the greatest overall impact on business results
- Work with other Practice Area Leads to cross-sell within existing clients
- Attend conferences and participate in social networking to leverage and expand networking opportunities
- Present at conferences and other forums to demonstrate thought leadership and the practice area's value proposition
- Establish and maintain productive, professional relationships with key personnel at customer accounts
- Create additional value for clients through continual insights and consultative advice based on experience with the client, their industry, established standards, and leading practices.
- Demonstrate a high-level of commitment to client success, promptly responding to changes in client expectations both professionally and effectively.
- Proactively monitor engagements and strive to maintain high levels of quality, accuracy, and process consistency throughout the practice
- Constantly evaluate risks when evaluating new engagements and clients; work to ensure CHC and its client's interests are met
- Direct project initiation, complete start-up documents and provide engagement orientation to team members
- Take responsibility and action if the engagement falls behind schedule or fails to bring desired results
- Resolve escalated engagement requirements issues, removes barriers and obstacles to the engagement
- Require the use of solid facts, metrics, and data to support actions at all levels of decision-making
- Ensure speedy reviews at key decision points to accelerate decision-making, keep team members motivated, and maintain engagement velocity
- Hold engagement participants accountable for deliverables and timelines
- Assure linkage of engagement efforts to organizational strategies and priorities
- Actively participate in key meetings where executive level decision making is necessary
- Work with client and vendor executives to maintain scope, focus, and momentum
- Provide support and guidance to engagement managers
- Review budgets and make sure each engagement is maximizing revenue and margin while providing optimal client value
- Ensure engagement documentation is stored on SharePoint
- Direct project closure and the completion of final documents
Practice Area Specific
- Evaluate client's capabilities as it relates to IT Risk Management; make recommendations on how to optimize their staffing, operations, and technology
- Lead client initiatives to evaluate, select, procure, and implement vendor solutions that will improve their analytics and risk management capabilities
- Develop standard methodologies to provide client value through:
- Cybersecurity Strategic Advisory Services
- Comprehensive Information Security Program Development
- Information Security and Risk Management Consulting
- IT Risk Assessments
- Business Impact Assessments
- Cybersecurity Assessments
- Penetration Testing and Vulnerability Assessments
- HITRUST Assessments
- PCI-DSS Assessments
- HIPAA and HITECH Assessments
- SOC 2 Readiness Assessments
- Business Continuity/Disaster Recovery Planning
- Cloud Security Reviews
- IT Security Technology Implementations
- Security related staff augmentation, including but not limited to Virtual Chief Information Security Officers
- Prepare reports or other necessary documentation to detail results of evaluation and otherwise meet the objectives of the project.
- Submit recommendations to client for corrective action or to support a recommend approach to solving the client's needs.
- Participate in planning and implementing of client information systems, including structure, process, and security.
- Participate in strategic and tactical objectives to include new product offerings, identify additional client needs, and generating new business leads.
- Correspond with a variety of clients and communicate security issues, recommendations, and deliverables effectively.
- Evaluate and/or implement cybersecurity solutions and controls to ensure data security and integrity for our clients.
- Generate ideas for new cybersecurity solutions aligned with our clients evolving needs
Must have 8+ years' experience in a combination of risk management, information security and information technology fields. At least 4 years of experience in a senior leadership role
Bachelors degree in Information Security, Computer Science, Management of Information Systems, or related field required. Masters preferred.Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Healthcare Privacy and Security (CHPS), or other similar credentials.
- Must have 10+ years of experience working in a healthcare environment 5+ of which must be at a health insurance company, third party administrator or healthcare provider.
- Must have a solid understanding of the operations and the enterprise value chain of a health plan
- Must have 5+ years' experience working within a Health Plan Enterprise or provider Architecture
- System and network administration experience on UNIX, Linux, and Microsoft Windows.
- Knowledge and demonstrated experience of relevant legal and regulatory requirements, such as SOX, PCI DSS, HITECH, HIPAA Privacy & Security and other CMS regulations and guidelines.
- Knowledge of security areas such as Auditing, Policy, Database Security, Firewall Design and Implementation, Risk Analysis, Identity Management, Access Management, and Web Services.
- Knowledge of common information security management frameworks, such as NIST
- Must have experience running multifaceted engagements that include a variety of technical and business tracks - from planning through implementation
- Must have experience managing multiple parallel engagements and dealing with time management, resource leveling, multiple client priorities, and competing demands
- Must have experience running practices with budgets of over $5 million and 20 participants
- Must have contingency planning and risk mitigation experience
- Must have a high level of self-motivation and be able to work both independently as well as with a team
- Must have outstanding verbal and written communications and presentation skills with the ability to communicate clearly to all levels of an organization
- Must be a quick and creative problem solver
- Must have experience assessing team performance and making changes as needed
Join our team today where we are creating a better coordinated, increasingly collaborative, and more efficient healthcare system!
Equal Opportunity/Affirmative Action Statement
Change Healthcare is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, genetic information, national origin, disability, or veteran status. To read more about employment discrimination protections under federal law, read
EEO is the Law
at and the supplemental information at you need a reasonable accommodation to assist with your application for employment, please contact us by sending an email to with 'Applicant requesting reasonable accommodation' as the subject. Resumes or CVs submitted to this email box will not be accepted.Click here to view our pay transparency nondiscrimination policy.Change Healthcare maintains a drug free workplace and conducts pre-employment drug-testing, where applicable, in accordance with federal, state and local laws.