13 days old

Information Security Manager - HIX/IES

Quincy, MA 02171
  • Job Code
  • Payrate
    $75 To $80


The HIX/IES Information Security Manager will be required to perform risk assessments, develop strategies and security controls for all aspects of the MA-HIX system, including:

  • Portal
  • Identity & access management
  • Infrastructure & operations
  • Privacy and data protection
  • Security management
  • Vulnerability management
  • Business continuity

Additional responsibilities include but are not limited to:

  1. Assure Privacy Policies and Procedures are compliant with the CMS Minimum Acceptable Risk Standards (MARS-e), IRS Safeguards, HIPAA Privacy Rule, other applicable federal laws and regulations, and applicable State laws and regulations.
  2. Assure the covered entities business practices are compliant by evaluating procedures against the CMS Minimum Acceptable Risk Standards (MARS-e), IRS Safeguards, HIPAA Privacy Rule.
  3. Assure that workforce members are compliant by clarifying the Privacy Policies and Procedures when questionable.
  4. Ensure implementation of any changes necessary to gain compliance with the CMS Minimum Acceptable Risk Standards (MARS-e), IRS Safeguards, HIPAA Privacy Rule that are approved by the client.
  5. Ensure Protected Health Information (PHI) confidentiality requirements are being met.
  6. Ensure Federal Tax Information (FTI) confidentiality requirements are being met.
  7. Identify and evaluate technology risks.
  8. Support the develop information security policies for controls to mitigate risks
  9. Work with MA-HIX team to implement security controls
  10. Work with the Security & Privacy Compliance Manager to develop security work plan estimates
  11. Assist in reviews of MA-HIX Disaster Recovery Plan
  12. Represent the MA-HIX team as the security and privacy expert whenever privacy issues or meetings arise.
  13. Assist with preparations and updates to the Security Risk Assessment, System Security Plan (SSP), Safeguard Security Report (SSR) and other security related documents
  14. Professional collaboration with Commonwealth agencies and 3 rd Party service providers in support of the Commonwealth Massachusetts Health Exchange (MA-HIX) Security Management Program (SMP) objectives.
  15. Experience with NIST 800-53, HIPAA/HITECH, IRS 1075, FEDRAMP, PCI, ITIL, & ISO 27K.
  16. Ability to plan, coordinate, and gain consensus on security related activities including ongoing oversight, monitoring, and measuring success.
  17. Possess a strong technical background in areas including Enterprise Architecture, Database & Systems Design, n-tier solutions, Cloud Services, Security & Incident Event Monitoring (SIEM), network controls, .Net, and j2ee.
  18. Support the Risk Management program including gap identification, remediation planning, coordination with stakeholders, and reporting
  19. Coordinate security controls review and documentation with applicable Commonwealth Agencies and 3 rd Party Service Providers
  20. Perform documentation reviews to ensure adequate security and privacy controls as part of the program Deliverables Review process
  21. Attend business, technical, and operational meetings providing security support and representation while ensuring planned activities are not negatively impacting compliance mandates or creating risk exposure
  22. Provide security related documentation deliverables for multi-level audiences including Executive Leadership, Business Units, Legal Counsel, and 3 rd Party Service Providers.
  23. Remain vigilant on security threats that may impact the MA-HIX program and surround processes.


  • Bachelor's Degree required, Master's Degree preferred

  • Demonstrate knowledge in or more of the following information security domains:

    • Security Governance and Management
    • Security Policies and procedures
    • Federal, State Privacy Laws
    • CMS Minimum Acceptable Risk Standards for Exchanges (MARS-e)
    • IRS 1075. Tax Information Security Guidelines
    • Application security controls
    • Identity & Access management
    • Risk management
    • Privacy and data protection
    • Disaster recovery and business continuity

  • Familiarity with security technology standards (SAML, XACML, SPML)
  • Familiarity with security laws and requirements (NIST, FEDRAMP, IRS 1075, HIPAA, HITECH, FISMA, FICAM)
  • Experience with internal controls, risk controls, business process, testing, and audits
  • Experience in health care insurance industry is plus
  • Excellent verbal and written communication


  • Information Technology

Randstad utilizes a technology-driven focus with a human touch to provide better staffing and business solutions to organizations around the world. Our team of experts match professionals with available career opportunities in a variety of fields.

Featured Jobs

Career News

Share this job:

Information Security Manager - HIX/IES

Randstad Technologies
Quincy, MA 02171

Share this job

Information Security Manager - HIX/IES

Randstad Technologies
Quincy, MA

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast