• Conduct comprehensive security and third-party risk assessments to ensure initiatives align with MFA policies, standards, and regulatory requirements, including HIPAA, HITRUST, HITECH, and other applicable healthcare regulations • Identify risks and recommend remediation strategies using risk-based prioritization, mitigating controls, and continuous improvement methodologies • Evaluate, develop, and recommend information security assessment tools, processes, and techniques • Develop and deliver HIPAA security training and awareness programs • Collaborate with internal stakeholders to identify, track, manage, and report security risks • Build, enhance, and support security operations capabilities, including monitoring and response • Develop, implement, and maintain security policies, standards, and procedures to support enterprise-wide risk mitigation • Contribute to and maintain best practices, methodologies, documentation, and templates • Support and coordinate compliance-focused programs and initiatives across the organization • Mentor and support team members on information security practices and standards • Support environments that include hybrid on-premises infrastructure, cloud platforms, and SaaS solutions • Participate in a 24x7 on-call rotation for Information Security • Perform other duties as assigned that are consistent with the role and organizational needs