Chief Information Security Officer
United States
Full Time
3 hours ago
Key skills
LeadershipRemote WorkPenetration Testing
About this role
Role Overview
- Develop and implement the organization's information security strategy.
- Provide regular security updates to the CIO, other executives, and the board of directors, including presentations on security matters.
- Represent the organization in security-related matters with external parties, including vendors and auditors.
- Work closely with the CIO and operate as a member of the DevOps team to emphasize and implement security initiatives.
- Conduct regular risk assessments and vulnerability scans using tools like Rapid7 IVM and internal tracking systems.
- Oversee the development and implementation of incident response plans and conduct tabletop exercises with DevOps team members.
- Ensure compliance with relevant regulations and standards, including HITRUST, NIST, DirectTrust, HIPAA, SOC 2 (Type II), ISO.
- Manage internal and external security audits, including evidence collection and preparation.
- Develop, review, and update information security policies and procedures, including the Vulnerability and Patch Management Procedure and Data Center Access Procedure.
- Participate in the day-to-day operations of the security team and manage security tools and technologies, including Check Point, SentinelOne, and intrusion detection systems.
- Lead and mentor the security team, reviewing tasks and responsibilities working closely with the DevOps team members.
- Evaluate and manage security vendors, including VDA Labs, KnowBe4, and perform vendor audits.
Requirements
- Bachelor's degree or equivalent work experience.
- 10+ years of experience as a CISO or similar role, with at least 3 years of security-related leadership.
- Proven background in systems administration.
- Experience leading teams.
- Certified Information Systems Security Professional (CISSP) required.
- Expertise in vulnerability testing, penetration testing, and developing security practices.
- Knowledge of standards-based architecture, compliance monitoring, and enforceability.
- Strong leadership skills with the ability to motivate and guide teams.
- Experience in healthcare or other highly-regulated environments.
Benefits
- Competitive compensation
- Comprehensive benefits package including medical/dental/vision insurance
- 401k with company match
- Unlimited Paid-Time off
- Quarterly bonus program
- Flexible work schedule
- Remote work