Information Security Manager
Greater Boston Area
We create technology with heart for the health of every person in the world.
Buoy builds a free digital health tool that helps people – from the moment they get sick – start their health care on the right foot. Started by a team of doctors and computer scientists working at the Harvard Innovation Laboratory in Boston MA, Buoy was developed in direct response to the downward spiral we’ve all faced when we attempt to self-diagnose our symptoms online. Buoy leverages artificial intelligence – powered by advanced machine learning and proprietary granular data - to resemble an exchange you would have with your favorite doctor – to provide consumers with a real-time, accurate analysis of their symptoms and help them easily and quickly embark on the right path to getting better. Buoy is based in Boston and was founded in 2014.
Buoy is taking on the multi-faceted challenge of applying Artificial Intelligence (AI) to medicine and developing novel interfaces and algorithms to reason about the relationship between humans, symptoms, and illnesses. We are looking for an information security manager to help Buoy keep user data and information safe and secure. A strong candidate will have experience in writing and implementing security policies that use risk management systems such as HITRUST or SOC II. Reporting to the Controller, this person will begin their time at Buoy by leading the HITRUST certification process and potentially grow to manage the IT/security function at Buoy. Additionally, a strong candidate will take pride in his or her work, exhibit attention to detail, demonstrate accountability for given tasks or projects, have a passion for solving healthcare-IT-related problems, contribute to a variety of projects, and excel at communicating with both technical and non-technical members of the team.
In a typical week, you may:
• Develop policies in accordance with HITRUST, GDPR, ISO 27001 and oversee and enforce their implementation across the entire company.
• Lead internal and third party security assessments and audits.
• Meet with third party customers and vendors to ensure compliance with all security needs.
• Communicate to the broader team the security risks and how we have mitigated them as an organization.
• Assist in the development of an IT organization.
•Coordinate with the Buoy legal team to interpret and understand laws, regulations, complex issues, and documents.
• Bachelor’s degree Cyber Security, Computer Science, Engineering, IT Security Management, Risk Management or comparable professional education/training in a relevant field.
• Experience in data privacy and security, including; privacy assessments and audits, risk mitigation practice, and information security standards.
• Experience managing/conducting cybersecurity framework (CSF) assessments [HITRUST preferred].
• Knowledge of data protection laws, best practices, and methodologies.
• Excellent communication skills
• Experience in the healthcare industry.
• 85K + options
• Medical, Dental, Vision
• Simple IRA
• Dogs in the office!
Read Full Job Description