Information Security Lead

Gainwell Technologies
VA, US
$90.9K-$129.9K a year
Full-time

Great companies need great teams to propel their operations. Join the group that solves business challenges and enhances the way we work and grow.

Working at Gainwell carries its rewards. Youll have an incredible opportunity to grow your career in a company that values your contributions and puts a premium on work flexibility, learning, and career development.

Summary

As an Information Security Leader (ISL), you will play a pivotal role in ensuring the seamless integration and effective utilization of Gainwell's diverse product portfolio.

You will work closely with internal teams and external stakeholders to understand product functionalities, address concerns, and optimize solutions across various domains, including healthcare, data analysis, and client support services.

In a typical engagement, you operate as a trusted advisor in the organization, working with senior management and focusing specifically on health care industry regulated security requirements and environments in relation to client business objectives.

The ISL helps understand operational issues and plans next steps from an information security viewpoint. This requires the ability to interact and influence at a managerial level within client organizations such as Information Governance and IT Security leads.

You will demonstrate industry expertise and understanding of the security governance and compliance. Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the National Institute of Standards and Technology (NIST) 800-53 framework is what the ISL will be analyzing and enforcing, maintaining, and helping to assess on each designated account or health care product within Gainwell Technologies and its partners.

Your role in our mission

Data Security and Compliance : Educate stakeholders on the importance of safeguarding PHI / PII data embedded within Gainwell products.

Implement and enforce compliance measures to mitigate risks associated with sensitive information.

Client Support and Communication : Serve as a primary point of contact for clients regarding product functionalities, updates, and troubleshooting.

Communicate effectively with internal teams to address client concerns and optimize product performance.

Enhancement and Innovation : Collaborate with product development teams to identify opportunities for product enhancement and innovation based on client feedback and industry trends.

Contribute to the roadmap of Gainwell products by providing insights into market demands and emerging technologies.

  • Lead Security operational governance activities.
  • Ensuring delivery excellence in security tooling and business operations (Ensuring avoidance of non-performance / non-compliance contractual penalties).
  • Maintain an account security plan and other security related documentation for the selected account(s) and Products.
  • Ensure Audit and penetration assessment preparation, facilitation, and remediation.
  • Manage security risk and exceptions to security standards within the organization and third-party risk. To include vulnerabilities, defects, and exploits.
  • Ensure knowledge sharing and implementation of security fundamentals, policies, and standards (regulatory and contractual).
  • Escalate and resolve Security Incidents with the Security Incident Response (SIR) team and Account Executives (AE).
  • Manage and report security incidents.
  • Coordinate delivery of Security Metrics and Reporting in support of contractual commitments.
  • Documentation including writing policies, standards, procedures, process, and security plans.

What we're looking for

  • At least 7 years experience working in a risk management, audit, security, or technical delivery role. Experience as a Security consultant, architect and / or engineer.
  • Experience in working with security management including information governance and compliance.
  • Good understanding of Assurance Practices and Risk Management, with hands on experience.
  • Auditing experience with Virginia SEC 525 and SEC 530.
  • Experience with security processes and standards, in particular NIST 800-53, and / or ISO27001.
  • Experience with security audit and accreditation processes.
  • Experience in IT outsourcing business or 7+ years in industry vertical.
  • CISSP, CISM, CCSP, CASP+, CRISC, CISA, CySA+, CEH a plus.
  • Experience with HIPAA, FIPS, NIST, MARS-E, and FedRAMP a plus.

What you should expect in this role

  • This is a fully remote opportunity.
  • Functionally reports to the Information Security Leader as part of the office of the Chief Information Security Officer (OCISO) to coordinate effort, solutions, and promote Security Practices.
  • Works in conjunction with the Account Delivery Executive and / or Product Owners
  • Partners and collaborates with Information Security staff and partners to leverage existing solutions and promote common security standards.

The deadline to submit applications for this posting is July 8, 2024.

The pay range for this position is $90,900.00 - $129,900.00 per year, however, the base pay offered may vary depending on geographic region, internal equity, job-related knowledge, skills, and experience among other factors.

Put your passion to work at Gainwell. Youll have the opportunity to grow your career in a company that values work flexibility, learning, and career development.

All salaried, full-time candidates are eligible for our generous, flexible vacation policy, a , and educational assistance.

We also have a variety of leadership and technical development academies to help build your skills and capabilities.

30+ days ago
Related jobs
Promoted
MITRE
McLean, Virginia

Security engineer provides cyber security expertise by developing and architecting security solutions that enhance MITRE’s on prem and cloud services security posture. MITRE InfoSec is the organization responsible for the unclassified information security program within MITRE. Our protection of MITR...

Promoted
Stratitia, Inc.
Falls Church, Virginia

The Lead Cyber ISSO will support a collaborative team to help develop, manage, and maintain information system security Assessment and Authorization (A&A) packages. The individual will be the critical lead in developing and maintaining the systems dynamic security posture by pursuing high security s...

Promoted
NANA Regional Corporation
Suffolk, Virginia

The Information Systems Security Manager II (CISCO Lead) is responsible for overseeing IT security and networking operations, focusing on CISCO technologies, VoIP, and Navy systems. Information Systems Security Manager II (CISCO Lead) in Suffolk, Virginia. Lead and manage IT security operations and ...

Promoted
MITRE Corporation
Fairfax, Virginia

Security engineer provides cyber security expertise by developing and architecting security solutions that enhance MITRE's on-prem and cloud services security posture. Security engineer provides hands–on technical engineering to improve defensive and detective capabilities by evaluating security ser...

Promoted
General Dynamics Information Technology
Richmond, Virginia

Work with the Information Security Manager, technical and non-technical staff, customers and corporate advisory boards to provide technical consultation and escalate or resolve security-related issues. Ensure solutions meet the security architecture and security design, and do not introduce risk. De...

Promoted
Empower Ai Inc.
Arlington, Virginia

Lead Information Assurance SME with Security Clearance. Establish a robust security posture for JSP IT environments by independently identifying vulnerabilities, remediating found vulnerabilities, and improving processes to maintain a robust security posture as it pertains to the Information System ...

General Dynamics Information Technology
Virginia Beach, Virginia

Work with the Information Security Manager, technical and not technical staff, customers and corporate advisory boards to provide technical consultation and escalate or resolve security related issues. Esure solutions meet the security architecture, and security design, and do not introduce risk. De...

Capital One
Richmond, Virginia

Center 3 (19075), United States of America, McLean, VirginiaSenior Manager, Information Security Office (ISO) Assurance Team Lead. Provide regular updates to executive leadership on the overall Information Security health and risk environment. At Capital One, you will help consult on initiatives, pr...

Freddie Mac
McLean, Virginia

The Information Security Policy & Reporting Tech Lead provides hands-on experience across all information security domains and direct interactions with cybersecurity and technology management. This tech lead will focus on defining and socializing changes to security requirements, establishing implem...

Omniscius Consulting
Hampton, Virginia

M Possess an active Top Secret security clearance Prefer official JFHQ-DODIN inspector training Experienced with identifying, implementing and validating DISA Security Technical Implementation Guides (STIG) Experienced in one or more of the following technical and security domains: operating systems...