Skip to main content

Risk Strategy Consultant

Highmark Health

  • Company Hignmark Health
  • Pittsburgh, PA
  • Finance
  • Full time

Company :

Highmark Health

Job Description : 


This job acts as the risk function’s consultant and subject matter expert on Compliance / Quality, Privacy, or Information Security, supporting Executive Leadership with a range of risk strategy activities essential to the Organization's strategic planning and execution process.  This role provides subject matter expertise and analytical / strategic leadership support that execution of time sensitive / high priority / high visibility strategic initiatives, including: 1) ensuring alignment with the company's risk taxonomy and risk profile, 2) considering regulatory and compliance impact to strategic and operational initiatives, 3) development of formal recommendations to senior leaders, 4) creation of executive documents that inform critical strategic issues and decisions.


  • Act as the Risk function’s core expert on one of the following risk categories: Compliance and Quality, Privacy, or Information Security 
  • Evaluates relevant risk category for large and/or strategic initiatives
  • Works with team and other SMEs to provides an overall risk assessment and recommendation to the requesting party, in many cases senior leadership
  • Develops and maintains risk treatment methodology (avoid, accept, transfer, mitigate)
  • Interacts closely with risk officers, risk strategy partners, and members of the strategy team, providing guidance and thought leadership  
  • Brings knowledge sharing and best practices to the risk function, and provides guidance to risk operations team when called upon 
  • Maintain a strong working knowledge of the risk operations framework; following protocols from identification through monitoring
  • Maintaining extensive knowledge base for area of focus; staying up to date on new or change requirements
  • Other duties as assigned or requested.



  • Bachelor's Degree in Finance, Business, Public Policy Healthcare, Information Technology, Information Security or related field


  • 6 years of related and progressive experience in lieu of Bachelor's degree


  • Master's Degree in Finance, Business, Public Policy Healthcare, Information Technology, Information Security or related field



  • 7 years in Compliance, Quality, Public Policy, Government Affairs, Project Management, Healthcare Operations or Law
  • 5 years in Information Security analysis or Information Risk Management
  • 5 years in Privacy Analysis, Privacy Risk Management and working in & understanding regulatory environment


  • None



  • None


  • None


  • Documenting 
  • Communication 
  • Presenting compliance and quality issues to senior audiences
  • Demonstrated client relationship, influencing, and teamworking skills
  • Strong quantitative and analytical skills

Language (Other than English):


Travel Requirement:

0% - 25%


Position Type


Teaches / trains others regularly


Travel regularly from the office to various work sites or from site-to-site


Works primarily out-of-the office selling products/services (sales employees)


Physical work site required


Lifting: up to 10 pounds


Lifting: 10 to 25 pounds


Lifting: 25 to 50 pounds


Disclaimer: The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job.

Compliance Requirement : This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies.

As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times.  In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company’s Handbook of Privacy Policies and Practices and Information Security Policy. 

Furthermore, it is every employee’s responsibility to comply with the company’s Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements.

Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, national origin, sexual orientation/gender identity or any other category protected by applicable federal, state or local law. Highmark Health and its affiliates take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, national origin, sexual orientation/gender identity, protected veteran status or disability.

EEO is The Law

Equal Opportunity Employer Minorities/Women/ProtectedVeterans/Disabled/Sexual Orientation/Gender Identity ( )

We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact number below.

For accommodation requests, please contact HR Services Online at

California Consumer Privacy Act Employees, Contractors, and Applicants Notice

Thumbnail Join Talent Community@2X

Connect with a career that’s right for you.

Introduce yourself and we'll get in touch monthly to share career insights and company news.

Join Our Talent Community