Information Security Lead

Great companies need great teams to propel their operations. Join the group that solves business challenges and enhances the way we work and grow. Working at Gainwell carries its rewards. You'll have an incredible opportunity to grow your career in a company that values your contributions and puts a premium on work flexibility, learning, and career development.

As an Information Security Leader (ISL), you will play a pivotal role in ensuring the seamless integration and effective utilization of Gainwell's diverse product portfolio. You will work closely with internal teams and external stakeholders to understand product functionalities, address concerns, and optimize solutions across various domains, including healthcare, data analysis, and client support services. In a typical engagement, you operate as a trusted advisor in the organization, working with senior management and focusing specifically on health care industry regulated security requirements and environments in relation to client business objectives.

The ISL helps understand operational issues and plans next steps from an information security viewpoint. This requires the ability to interact and influence at a managerial level within client organizations such as Information Governance and IT Security leads. You will demonstrate industry expertise and understanding of the security governance and compliance. HIPAA and NIST 800-53 are key frameworks the ISL will analyze, enforce, maintain, and help assess on each designated account or healthcare product within Gainwell Technologies and its partners.

• Data Security and Compliance: Educate stakeholders on safeguarding PHI / PII data within Gainwell products. Implement and enforce compliance measures to mitigate risks.
• Client Support and Communication: Serve as a primary contact for clients regarding product functionalities, updates, and troubleshooting. Communicate effectively with internal teams to address concerns and optimize performance.
• Enhancement and Innovation: Collaborate with product teams to identify opportunities for improvement based on feedback and industry trends. Contribute insights into product roadmaps.
• Lead security operational governance activities.
• Ensure delivery excellence in security tooling and operations, avoiding non-performance and non-compliance penalties.
• Maintain security plans and documentation for accounts and products.
• Prepare for, facilitate, and remediate audit and penetration assessments.
• Manage security risks and exceptions, including vulnerabilities and exploits.
• Share knowledge and implement security policies and standards.
• Escalate and resolve security incidents with relevant teams.
• Manage and report on security incidents and metrics.
• Document policies, standards, procedures, and security plans.

• At least 7 years of experience in risk management, audit, security, or technical delivery roles. Experience as a security consultant, architect, or engineer.
• Experience with security management, information governance, and compliance.
• Understanding of assurance practices and risk management, with hands-on experience.
• Knowledge of security standards like NIST 800-53 and ISO27001.
• Experience with security audits and accreditations.
• Experience in IT outsourcing or relevant industry verticals for 7+ years.
• Familiarity with HIPAA, FIPS, NIST, MARS-E, and FedRAMP is a plus.

• This is a fully remote position.
• Reports to the Information Security Leader within the OCISO to coordinate efforts and promote security practices.
• Works with the Account Delivery Executive.
• Collaborates with security staff and partners to leverage solutions and standards.

The deadline to submit applications is July 10, 2024. The pay range is $90,900 to $129,900 annually, with variations based on location, experience, and skills. Gainwell offers a flexible vacation policy, educational assistance, and leadership and technical development programs. Put your passion to work at Gainwell and grow your career in a supportive environment that values learning and development.