Overview: For nearly 40 years, Great Expressions Dental Centers (GEDC) has been a leader in providing preventative dental care, orthodontics, and specialty care with 275+ local offices in 10 states: Connecticut, Florida, Georgia, Massachusetts, Michigan, New Jersey, New York, Ohio, Virginia, and Texas! One of the largest privately owned Dental Support Organizations in the United States, GEDC is consistently recognized for improving oral health through quality and safety initiatives, affordable dental care services, patient convenience, research, and more. For more information, go to www.greatexpressions.com.

In our IT Department, we are currently looking for a Risk & Compliance Manager who is responsible for planning, executing, and managing multi-faceted projects related to risk management, mitigation and response, compliance, control assurance, and user awareness for the company and within appropriate frameworks (i.e., HIPAA, PCI-DSS, IT General Controls, etc.). The position focuses on developing and driving security strategies, and policies/standards, ensuring the effectiveness of solutions, and providing security-focused consultative services to the organization. The individual offers expertise and assistance to protect the company's infrastructure and information assets. Individuals also select and implement appropriate tools for the necessary surveillance and monitoring of the computing environment. Responsibilities:

• Provides oversight of the information systems security operations and initiatives within the company and integrations with third-parties.
• Implements and oversees system standards across the enterprise hardware, software, data, and network environment.
• Works under the leadership of the Chief Information Officer to develop recommendations for Operations leadership, and implements and maintains the company's approach to information security in an effective and efficient manner that is both balanced and consistent with the mission, values, and operating goals of the company and the regulatory environment the company operates within.
• Assists and supports the CIO and the Information Technology team in ensuring all projects and services meet the company's Information security and regulatory standards, policies and procedures while delivering business requirements.
• Performs risk analysis on new projects, security exceptions, and audit issues.
• Provides governance responsibilities over the security operations of outsourcer vendor(s), infrastructure Third Party Partners (TPP) and Cloud service providers.
• Acts as an advocate and resource on information security for various functional areas and/or system-wide initiatives (HIPAA, PCI-DSS, ITGC).
• Assists business owners of various information resources in fully addressing security issues and procedures while delivering business requirements.

Qualifications:

• Position requires a bachelor's degree in computer science, information technology, or related field
• Minimum of 5 years of Information Security Analyst experience reflecting physical, logical and administrative information technology security and controls experience
• History of experience reflecting progressively more responsibility.
• Position requires in depth knowledge of Information Security and compliance frameworks including HIPAA, PCI-DSS and IT General Controls, infrastructure & networking methodologies, life cycles, strong communication, and analytical skills.
• Previous experience managing technical teams of two or more is preferred