Included Health logo

Chief Information Security Officer - Included Health

View Company Profile
Job Title
Chief Information Security Officer
Job Location
Remote
Job Description
The Chief Information Security Officer will be the leader of Information Security at Included Health. This position's primary responsibility is safeguarding patient, employee, customer, and third-party vendor data. You will be responsible for leading the team that designs, builds, implements, and maintains a world-class security program end to end. You will also be the representation for information security with our customers, prospects, investors, and board members.

Security is a strategically important pillar of our business, critical for the sustained growth of our company. This position is an exciting opportunity that requires strong technical competency, a proven managerial track record, and transformational leadership to continue the evolution of our enterprise security program for the future. Bring your best self, sense of humor included - we work hard, but we like to play hard too.
Duties and Responsibilities:
  • Set the mission, vision, and strategy for the Information Security organization and execute to keep our members’ data safe
  • Build trust, whether working cross-functionally with internal stakeholders (like Engineering or Legal) and collaborating externally with our customers, including CISOs and other Security professionals at Fortune 100 companies.
  • Collaborate in a consultative manner with clear focus on our company’s objectives delivering on our mission for our members and clients
  • Provide thought leadership and guidance while ensuring teams are engaged and focused on short-term priorities while establishing the long-term strategy
  • Evangelize information security internally and externally, both with employees and company leadership as well as investors, clients & prospects, as well as board-level committees
  • Continuously expand on the information security roadmap with the respective leaders in the Infosec organization
  • Execute leadership and oversight for the implementation and automation of security capabilities, systems, and services - drive and evangelize the different functions within Information Security to business units and critical stakeholders across the Enterprise, including but not limited to IDS/IPS, SIEM, Vulnerability Management, Architecture Review, SAST/DAST, WAF, Incident Response, and Third Party Risk Management.
  • Manage internal and external security/risk assessments, programs, penetration testing, bug bounty, vulnerability management, etc.
  • Set the strategy and provide oversight to maintain existing security certifications (SOC2 Type 2 and HITRUST), and keep an eye on the future (e.g., FedRAMP and PCI ROC).
  • Collaborate with audit, compliance, and privacy departments to maintain and enhance shared capabilities within the business, product, and services that Included Health provides.
  • Manage capacity, budget, and resource allocation to meet growth initiatives and to ensure alignment with high-value projects to revenue generation, cost reduction, and business objectives.
  • Engage with Senior Leadership to create visibility into relevant Security topics, provide updates on the threat landscape, and discuss mitigation strategies.
  • Set the direction for creating and/or maintaining documentation of relevant standard operating policies and procedures and incorporating OKRs and KPIs to drive and measure the success of the Information Security program.
  • Qualifications:
  • Previous security leadership experience, ideally leading a Security function
  • Excellent communication skills at an executive level and the ability to dive deeper and document and explain technical details clearly and concisely
  • Previous experience leading Product Security, Governance Risk & Compliance, and Security Engineering
  • Operating expertise in cloud-based service offerings such as AWS, GCP, and Azure
  • Experience in building and scaling a well-rounded security program, including benching to SOC2 / HITRUST / HIPAA standards using NIST controls
  • Thorough understanding of the current threat and attack landscape, latest security trends, and principles
  • Security certifications such as CISSP, OSCP, or CISM are preferred
  • Ability to work collaboratively and cross-functionally across the Enterprise required
  • B.S. / B.A. degree or relevant work experience
  • Physical/Cognitive Requirements:
  • Prompt and regular attendance at assigned work location.
  • Ability to work shifts of at least 8 hours, 5 days per week.
  • Ability to thrive in a fast-paced, high-intensity work environment.
  • Ability to remain seated in a stationary position for prolonged periods.
  • Requires eye-hand coordination and manual dexterity sufficient to operate keyboard, computer and other office-related equipment.
  • No heavy lifting is expected, though occasional exertion of about 20 lbs. of force (e.g., lifting a computer / laptop) may be required.
  • Ability to interact with leadership, employees, and members in an appropriate manner.
  • Everything You Need, One Platform.

    From job listings to startups, investors to funding rounds, and everything in between, Employbl puts the power in your hands. Why wait?

    Start your free trial today!


    Stay Ahead of the Curve

    Sign up for our newsletter to stay informed about the latest startups and trends in the tech market. Let Employbl be your guide to success.

    Included Health Headquarters Location

    New York, NY

    View on map

    Included Health Company Size

    Between 1,000 - 5,000 employees

    Included Health Founded Year

    2020

    Included Health Total Amount Raised

    $2,280,003

    Included Health Funding Rounds

    View funding details
    • Seed

      $2,280,003 USD