Job Title: System Security Officer

Job Overview: The System Security Officer (non-key) plays a crucial role in ensuring compliance with all security requirements set forth by the Centers for Medicare & Medicaid Services (CMS) and the U.S. Department of Health and Human Services (HHS). This role involves developing, implementing, and maintaining security plans to safeguard organizational systems and data. The System Security Officer collaborates with stakeholders to address accreditation requirements and ensures adherence to industry best practices. Approach to completing the [Developing] security plan[s] and [knowledge of] accreditation requirements [to include] (HHSAR 352.239-72)

Responsibilities:

1. Compliance Assurance:
   • Ensure compliance with CMS/HHS security requirements, regulations, and guidelines.
   • Monitor changes in regulatory requirements and implement necessary adjustments to security protocols.
   • Conduct regular audits and assessments to evaluate the effectiveness of security measures.

2. Security Planning and Implementation:
   • Develop, review, and update security plans in accordance with CMS/HHS guidelines.
   • Implement security controls and procedures to protect information systems and data.
   • Collaborate with IT teams to integrate security measures into system architecture and design.

3. Risk Management:
   • Identify potential security risks and vulnerabilities within organizational systems.
   • Conduct risk assessments and recommend mitigation strategies to reduce security threats.
   • Develop incident response plans and procedures for handling security breaches or incidents.

4. Accreditation Support:
   • Assist in the preparation of documentation required for system accreditation.
   • Coordinate with accreditation bodies and auditors to facilitate the accreditation process.
   • Address any security-related concerns raised during accreditation reviews and audits.

5. Training and Awareness:
   • Provide security awareness training to employees and stakeholders.
   • Promote a culture of security consciousness throughout the organization.
   • Keep abreast of emerging security threats and technologies to enhance security awareness.

6. Incident Response:
   • Serve as a point of contact for reporting and responding to security incidents.
   • Lead incident response efforts to contain and mitigate security breaches.
   • Document security incidents, conduct post-incident analysis, and recommend improvements.

7. Documentation and Reporting:
   • Maintain accurate records of security-related activities, including risk assessments, audits, and incidents.
   • Prepare and submit reports on security metrics, compliance status, and incident response activities.
   • Communicate security-related information to stakeholders, management, and regulatory authorities as required.

Qualifications:

• Bachelor's degree in computer science, Information Technology, or a related field.
• Certified Information Systems Security Professional (CISSP) or equivalent certification preferred.
• Job Description: Sr. Program/Project Manager (Fraud, Waste, and Abuse Subject Matter Expert)
• Location: Rockville, MD, US
• Status Required: Able to work in the US.
• Position Type: Full time.
• Keywords: Medicare, Medicaid, Fraud, Waste, Abuse, Program Integrity
• Job Overview:
• We are seeking a seasoned Fraud, Waste, and Abuse (FWA) Subject Matter Expert (SME) to join our team. The ideal candidate will possess extensive experience in case management related to FWA within Medicare and Medicaid programs. As the FWA SME, you will play a pivotal role in providing expert guidance and oversight to project teams, ensuring compliance with regulations and implementing proactive measures to identify potential FWA scenarios.
• Responsibilities:
• Serve as a primary source of expertise in Medicare/Medicaid FWA, including associated laws, regulations, and guidelines.
• Apply expertise to align organizational vision with strategic goals, emphasizing best practices in FWA protections within system operations.
• Lead or actively participate in design meetings, offering FWA insights to inform system development.
• Provide guidance on resolving business needs throughout the software development life cycle.
• Conduct risk assessments and implement policies, procedures, and controls to prevent and detect fraudulent activities.
• Deliver expert guidance and training to project teams on investigative processes and best practices.
• Support case management activities and oversee remediation efforts to address identified issues and prevent recurrence.
• Coordinate with investigative resources and ensure compliance with relevant laws and regulations.
• Collaborate with internal stakeholders, external partners, and regulatory agencies to address fraud-related concerns.
• Stay abreast of emerging trends, technologies, and best practices in fraud prevention and detection.
• Research, evaluate, and recommend new solutions to meet regulatory requirements or enhance capabilities.
• Analyze customer requirements and collaborate with the technical team to meet needs effectively.
• Required Skills:
• Demonstrated expertise in Medicare/Medicaid FWA.
• Approach to completing the [Developing] security plan[s] and [knowledge of] accreditation requirements [to include] (HHSAR 352.239-72)
• Proficiency in the Medicare and Medicaid Program Integrity Manual (PIM).
• Strong analytical skills with attention to detail, capable of identifying patterns and anomalies in data and documentation.
• Excellent communication and interpersonal skills, able to convey complex concepts to diverse audiences.
• Proficiency in relevant fraud detection, investigation, and reporting tools and technologies.
• Ability to work independently, prioritize tasks, and manage multiple responsibilities effectively.
• Strong organizational and project management skills.
• Education and Experience:
• Bachelor's degree in engineering, Computer Science, Systems, Business, or related field.
• 15+ years of experience in fraud prevention, detection, and investigation, demonstrating a successful track record.
• Good to Have Skills/Certifications:
• Advanced degrees or specialized training in healthcare compliance or administration.
• Certification in Healthcare Privacy and Security (CHPS), Healthcare Compliance (CHC), or Certified Compliance Professional (CCP).
• Experience with SAFe (Agile) methodology.
• U.S. Residency Requirement:
• Must have resided in the United States for at least three (3) out of the last five (5) years.
• Must be able to pass background investigations.
• Join our team and contribute your expertise to combatting fraud, waste, and abuse in Medicare and Medicaid programs. We offer a competitive salary and the opportunity to make a meaningful impact in healthcare program integrity. Apply now to be part of our dynamic team!
• Minimum of [X] years of experience in system security, compliance, or a related field.
• In-depth knowledge of CMS/HHS security requirements, regulations, and guidelines.
• Experience developing and implementing security plans and controls.
• Strong understanding of risk management principles and methodologies.
• Excellent communication and interpersonal skills.
• Ability to work independently and collaboratively in a fast-paced environment.
• Strong analytical and problem-solving skills.
• Attention to detail and commitment to maintaining the highest standards of security.

Note: The responsibilities and qualifications outlined above are intended to provide a general overview of the position. Additional duties and qualifications may be required based on the specific needs of the organization.