Millennium Physician Group
Cyber Third-Party Risk Specialist
Millennium Physician Group, Fort Myers, Florida, United States, 33916
Mosaic Health is a national care delivery platform focused on expanding access to comprehensive primary care for consumers with coverage across Commercial, Individual Exchange, Medicare, and Medicaid health plans.
The Business Units which comprise Mosaic Health are multi-payer and serve nearly one million consumers across 19 states, providing them with access to high quality primary care, integrated care teams, personalized navigation, expanded digital access, and specialized services for higher-need populations. Through Mosaic Health, health plans and employers have a stronger care provider partner that delivers affordability and superior experiences for their members and employees, including value-based primary care capacity integrated with digital patient engagement and navigation. Each of the companies within Mosaic Health provides unique offerings that together aim to improve individuals' health and wellbeing, while helping care providers deliver higher quality care. For more information, please visit www.mosaichealth.com or follow Mosaic Health on LinkedIn.
Formed in 2008 and headquartered in Fort Myers, Florida, with offices in Florida, North Carolina, and Texas, Millennium Healthcare is the largest independent physician group in Florida and one of the largest in the United States. At Millennium Physician Group, our employees are the foundation of our success. We are committed to providing you with the tools to succeed, fostering a team atmosphere that empowers you to seek better ways to deliver care, and caring for you as an individual to support your growth.
The
Cyber Third-Party Risk Specialist
will support all business units within Mosaic Health. They are responsible for identifying, assessing, and mitigating cybersecurity risks across the organization. This role ensures compliance with regulatory frameworks, manages risk assessments, and collaborates with various teams to implement security controls that protect sensitive data and infrastructure. Responsibilities Develop and implement strategies to mitigate risks associated with third-party relationships. Conduct thorough risk assessments of third-party vendors to identify potential security and compliance risks. Analyze vendor security practices and controls to ensure alignment with healthcare regulations and company standards. Collaborate with vendors to address security and compliance gaps and monitor remediation efforts. Maintain up-to-date knowledge of regulatory changes and assess their impact on third-party risk management. Align risk management practices with industry standards (e.g., NIST, ISO 27001, PCI-DSS). Ensure compliance with laws and regulations such as HIPAA. Monitor emerging threats, vulnerabilities, and industry trends to proactively address risks. Review and negotiate vendor contracts and SLAs to include security and compliance requirements. Implement ongoing monitoring processes to track vendor performance and risk levels. Perform other related duties as assigned, demonstrating excellent service to internal teams and patients. Qualifications Bachelor's degree in Cybersecurity, Information Technology, Business Administration, or a related field. Knowledge of healthcare operations and regulatory requirements is highly desirable. Strong understanding of risk management principles and third-party risk assessment methodologies. Experience in third-party risk management, preferably within healthcare. Familiarity with security technologies and tools used for vendor risk assessment and monitoring. Relevant certifications such as CISSP or CRISC are beneficial. Excellent analytical, problem-solving, communication, and negotiation skills. Understanding of healthcare-specific regulatory impacts on patient data and services. Commitment to excellent service, professionalism, integrity, and the ability to work independently in a fast-paced environment. Physical Demands Sedentary work with occasional lifting up to 15 lbs, repetitive motions, and close visual acuity required for data analysis and computer work. Equal Employment Opportunity Mosaic Health is an EEO employer. All qualified applicants will receive consideration regardless of protected statuses. For accommodations, contact HRbenefits@mpgus.com.
#J-18808-Ljbffr
Cyber Third-Party Risk Specialist
will support all business units within Mosaic Health. They are responsible for identifying, assessing, and mitigating cybersecurity risks across the organization. This role ensures compliance with regulatory frameworks, manages risk assessments, and collaborates with various teams to implement security controls that protect sensitive data and infrastructure. Responsibilities Develop and implement strategies to mitigate risks associated with third-party relationships. Conduct thorough risk assessments of third-party vendors to identify potential security and compliance risks. Analyze vendor security practices and controls to ensure alignment with healthcare regulations and company standards. Collaborate with vendors to address security and compliance gaps and monitor remediation efforts. Maintain up-to-date knowledge of regulatory changes and assess their impact on third-party risk management. Align risk management practices with industry standards (e.g., NIST, ISO 27001, PCI-DSS). Ensure compliance with laws and regulations such as HIPAA. Monitor emerging threats, vulnerabilities, and industry trends to proactively address risks. Review and negotiate vendor contracts and SLAs to include security and compliance requirements. Implement ongoing monitoring processes to track vendor performance and risk levels. Perform other related duties as assigned, demonstrating excellent service to internal teams and patients. Qualifications Bachelor's degree in Cybersecurity, Information Technology, Business Administration, or a related field. Knowledge of healthcare operations and regulatory requirements is highly desirable. Strong understanding of risk management principles and third-party risk assessment methodologies. Experience in third-party risk management, preferably within healthcare. Familiarity with security technologies and tools used for vendor risk assessment and monitoring. Relevant certifications such as CISSP or CRISC are beneficial. Excellent analytical, problem-solving, communication, and negotiation skills. Understanding of healthcare-specific regulatory impacts on patient data and services. Commitment to excellent service, professionalism, integrity, and the ability to work independently in a fast-paced environment. Physical Demands Sedentary work with occasional lifting up to 15 lbs, repetitive motions, and close visual acuity required for data analysis and computer work. Equal Employment Opportunity Mosaic Health is an EEO employer. All qualified applicants will receive consideration regardless of protected statuses. For accommodations, contact HRbenefits@mpgus.com.
#J-18808-Ljbffr