Apply if you are…

• Excited about Cyber Security and have expert knowledge of cybersecurity concepts, threat-handling and threat modeling.
• Energized about working in a Start-up Organization building a cloud-native environment
• Desire to work with a talented team that is motivated to move the needle on some of the most pressing challenges in healthcare
• Experienced with security frameworks on cloud platforms (AWS, GCP, Azure), and protecting applications against viruses, spyware, trojans and hacking threats

You should expect to….

• Assess security concerns and articulate issues and potential risks to management (both verbally and written)
• Examine network and server logs to identify trends and anomalous activity and report findings to management
• Translate complex regulations or industry standards into clear, easily understood control requirements
• Map control requirements across information security framework to identify overlapping requirements and compliance efficiencies
• Create and update information security related policies, standards and/or procedures as needed
• Investigate security events generated from enterprise systems including Intrusion Detection Systems (IDS/IPS), anti-malware and anti-virus systems, and vulnerability scans
• Evaluate security risks and identify and define compliance strategies in accordance with policies and standards
• Evaluate and continuously improve controls and processes to increase security, eliminate vulnerabilities, improve system performance, reduce waste and lower cost
• Communicate with multiple departments and levels of management to resolve technical and procedural information security risks
• Create and maintain documentation on information security procedures and assist in gathering test evidence samples related to certification assessments and audits.
• Ensure timely gathering of evidence in support of HITRUST and SOC 2 compliance
• Assure cloud solutions and frameworks are built with consideration toward HIPAA/HITRUST compliance requirements
• Train other team members on cybersecurity concepts and lead periodic IT security controls testing such as network penetration tests, phishing simulations, social engineering simulations, and use the test results to suggest enhancements and remediations to business processes, employee training etc.
• Stay abreast of security threats and security technologies
• Write comprehensive reports including assessment-based findings, outcomes and propositions for continual system security enhancement

Terrific if you have…  

• Bachelor’s Degree in Computer Science, Information Systems or other related field, and/or equivalent work experience
• IT Security Certifications like CISSP, CISM, CISA, CEH, GCIH, GCIA, OSCP
• 5 – 8 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, networking, systems administration
• Experience with AWS Security & Encryption components such IAM Policy, Cloud HSM, KMS, CloudFormation, CloudTrail, SSO, Alert Logic). AWS certified security engineers will receive maximum consideration
• Working knowledge of security issues, techniques, and implications across computer platforms
• Experience analyzing large data sets
• Experience designing and implementing security solutions
• Familiarity with one or more major information security control or auditing frameworks (such as (SOC2, HITRUST, or NIST)

Compensation…

• Negotiable based on experience and qualifications