Job description

Chief Information Security Officer Our client is a leader in innovative healthcare technology for over 30 years and is a trusted partner to more than 40,000 healthcare providers. The company’s comprehensive platform, streamlines daily business operations including communications and engagement, payments and reimbursements, and office compliance. Customers of all sizes, in all sectors of healthcare, rely on their easy-to-use and scalable software to deliver a measurable increase in productivity and profitability, while improving patient experience. OVERVIEW Reporting directly to the CTO, the CISO must strike the balance between hands on technical, people leadership, and strategic. The CISO will have the necessary skills to oversee day-to-day security operations, engineering, architecture, and also be a hands-on, technical resource to lead offensive and defensive security activities. You will leverage various internal platforms and use your in-depth understanding of common exploits and tactics to provide network and data security for the business and our clients. To best perform this role, you will be required to stay up to date with current vulnerabilities, attacks, and countermeasures, along with staying current with all security related news and developments. The CISO will be responsible for making sure the organization is properly prepared for audit activities by clients and other third-party auditors. This includes artifact collection as well as regular audits of the company environment and all resources as required. KEY RESPONSIBILITIES • Oversee cybersecurity services provided by internal team members, as well as cyber security partners. • Provide leadership over day-to-day security, network and user activity alerts, and oversee associated investigations as required. • Own the build out of our cyber security program, including Incident Response planning • Management, Vulnerability Scanning and Penetration Testing (both internal and external). • Lead project teams that include internal IT & Security members and partners, to evaluate, test and deploy security solutions. • Mentor and develop the internal security operations team members and other functional areas as needed. • Provide detailed cyber security reports to the executive leadership team monthly and on demand. CANDIDATE PROFILE Experience & Education: • 10+ years of extensive cybersecurity leadership experience working with a wide variety of cybersecurity solutions. • Experience working within an AWS environment and utilizing technologies such as Directory Services, CloudWatch, CloudTrail, IAM, GuardDuty, KMS, SecurityHub, WAF, Shield and other related tools. • Bachelor's degree in Computer Science, Information Technology or a related discipline, or equivalent combination of professional and/or military experience/education. • Industry-recognized certifications for networking and security, e.g. AWS Security, CISSP, Network+, Security+, etc. Professional Skills: • Excellent knowledge of English • Strong people leadership and mentoring skills • Strong Presentation/Public Speaking skills • Ability to multi-task, prioritize, and manage time effectively. • Excellent decision-making, problem solving and critical thinking skills • Excellent interpersonal skills and professional demeanor. • Strong verbal and written communication skills. Technical Skills: • Extensive Cybersecurity experience working within AWS (EC2/S3), Microsoft Directory Services and M365 (Azure, SharePoint, Teams, OneDrive, etc.) • Preferred experience with Okta, Arctic Wolf, SentinelOne, Zscaler, and other similar tools. • Solid experience in remediating or mitigation malware and/or cyberattacks, as well as experience offensive/defensive security and threat hunting. • Solid understanding of DNS, SMTP, SFTP, TCP/IP, BGP, ARP/RARP and other related protocols. • Solid understanding of SIEMs, IAMs, UBA/UEBA, EDR and other cyber security solutions. • Extensive experience managing compliance with GDPR, SOC, ISO 27001/27701, CFR, etc. • Solid understanding of security operations better practices and procedures. • Extensive experience using security tools to monitor & secure systems and network resources.

Requirements