Information Security Lead

Great companies need great teams to propel their operations. Join the group that solves business challenges and enhances the way we work and grow. Working at Gainwell carries its rewards. You'll have an incredible opportunity to grow your career in a company that values your contributions and prioritizes work flexibility, learning, and career development.

As an Information Security Leader (ISL), you will play a pivotal role in ensuring the seamless integration and effective utilization of Gainwell's diverse product portfolio. You will work closely with internal teams and external stakeholders to understand product functionalities, address concerns, and optimize solutions across various domains, including healthcare, data analysis, and client support services. In this role, you act as a trusted advisor, collaborating with senior management and focusing on healthcare industry security requirements and environments aligned with client business objectives.

The ISL helps identify operational issues and plans next steps from an information security perspective. This involves interacting with and influencing managerial level stakeholders such as Information Governance and IT Security leads within client organizations. You will demonstrate expertise in security governance and compliance, specifically analyzing and enforcing HIPAA and NIST 800-53 standards within Gainwell Technologies and its partners.

1. Data Security and Compliance: Educate stakeholders on safeguarding PHI / PII data within Gainwell products. Implement and enforce compliance measures to mitigate risks associated with sensitive information.
2. Client Support and Communication: Serve as the primary contact for clients regarding product functionalities, updates, and troubleshooting. Communicate effectively with internal teams to address concerns and optimize performance.
3. Enhancement and Innovation: Collaborate with product development teams to identify opportunities for product improvement based on client feedback and industry trends. Contribute insights into market demands and emerging technologies.
4. Lead security operational governance activities.
5. Ensure delivery excellence in security tooling and business operations, avoiding non-performance or non-compliance penalties.
6. Maintain security plans and related documentation for designated accounts and products.
7. Prepare for, facilitate, and remediate audit and penetration assessments.
8. Manage security risks and exceptions, including vulnerabilities, defects, and exploits.
9. Share knowledge and implement security policies, standards, and regulations.
10. Escalate and resolve security incidents in coordination with the Security Incident Response team and Account Executives.
11. Manage and report on security incidents and metrics.
12. Document policies, standards, procedures, and security plans.

1. At least 7 years of experience in risk management, audit, security, or technical delivery roles, including as a security consultant, architect, or engineer.
2. Experience in security management, including information governance and compliance.
3. Strong understanding of assurance practices and risk management, with hands-on experience.
4. Auditing experience with Virginia SEC 525 and SEC 530.
5. Experience with security standards such as NIST 800-53 and ISO27001.
6. Experience with security audits and accreditation processes.
7. Background in IT outsourcing or industry verticals for 7+ years.
8. Knowledge of HIPAA, FIPS, NIST, MARS-E, and FedRAMP is a plus.

• This is a fully remote position.
• Reports to the Information Security Leader within the Office of the CISO, coordinating efforts and promoting security practices.
• Collaborates with the Account Delivery Executive and Product Owners.
• Partners with Information Security staff and external partners to leverage solutions and promote security standards.

The application deadline is July 8, 2024. The pay range is $90,900 to $129,900 annually, with variations based on location, experience, and skills. Gainwell offers a flexible vacation policy, educational assistance, and leadership and technical development programs to support your growth. Join us and put your passion to work!