Develop and implement the organization's information security strategy.
Provide regular security updates to the CIO, other executives, and the board of directors, including presentations on security matters.
Represent the organization in security-related matters with external parties, including vendors and auditors.
Work closely with the CIO and operate as a member of the DevOps team to emphasize and implement security initiatives.
Conduct regular risk assessments and vulnerability scans using tools like Rapid7 IVM and internal tracking systems.
Oversee the development and implementation of incident response plans and conduct tabletop exercises with DevOps team members.
Ensure compliance with relevant regulations and standards, including HITRUST, NIST, DirectTrust, HIPAA, SOC 2 (Type II), ISO.
Manage internal and external security audits, including evidence collection and preparation.
Develop, review, and update information security policies and procedures, including the Vulnerability and Patch Management Procedure and Data Center Access Procedure.
Participate in the day-to-day operations of the security team and manage security tools and technologies, including Check Point, SentinelOne, and intrusion detection systems.
Lead and mentor the security team, reviewing tasks and responsibilities working closely with the DevOps team members.
Evaluate and manage security vendors, including VDA Labs, KnowBe4, and perform vendor audits.
Requirements
Bachelor's degree or equivalent work experience.
10+ years of experience as a CISO or similar role, with at least 3 years of security-related leadership.
Proven background in systems administration.
Experience leading teams.
Certified Information Systems Security Professional (CISSP) required.
Expertise in vulnerability testing, penetration testing, and developing security practices.
Knowledge of standards-based architecture, compliance monitoring, and enforceability.
Strong leadership skills with the ability to motivate and guide teams.
Experience in healthcare or other highly-regulated environments.
Benefits
Competitive compensation
Comprehensive benefits package including medical/dental/vision insurance