Chief Information Security Officer
CISO
Posted on 12/8/2022
INACTIVE
Locations
Remote • Pittsburgh, PA, USA • Dorchester, Boston, MA, USA
Experience Level
Entry
Junior
Mid
Senior
Expert
Desired Skills
AWS
Data Analysis
Management
Public Speaking
Communications
Requirements
  • Minimum 10 years of experience in healthcare supporting HIPAA security and compliance requirements
  • Minimum 10 years of experience in a combination of risk management, information security, and security engineering roles, with at least 4 years in a senior leadership role
  • Current role as CISO/Head of Security
  • Direct experience leading and managing Information Security Management Systems to support HITRUST, SOC 2 and ISO 27001 compliance
  • Deep technical understanding of AWS security architecture and controls
  • Provide leadership for incident response, including proven experience with SIEM to identify security events, perform triage, establish escalation if warranted, and manage response
  • Fantastic communication skills in both spoken and written forms to explain complex ideas to various audiences, such as internal stakeholders and external customers and auditors
  • Masters or doctorate in information security
  • Certification in one or more of the following: CISSP, CISM, SSCP, CCSP, CRISC, others
  • AWS Certified Security - Specialty Certification
  • AWS Solution Architect Certification
  • Experience building a red team and demonstrated offensive security capabilities
  • Membership with CHIME or AEHIS, InfraGard, ISSA, ISACA, or others
  • History of public speaking at security conferences and trade shows
  • Published articles and white papers
  • Knowledge of healthcare analytics, machine learning, and artificial intelligence
Responsibilities
  • Maintain and enhance the enterprise-wide information security management program to ensure that information assets are adequately protected
  • Develop organizationally aligned vision and strategy for information security that enables the organization to reach business objectives and strategic priorities
  • Work with executive management to determine and achieve acceptable levels of risk
  • Managing and monitoring enterprise information security, compliance, and IT risk management activities
  • Working directly with the business units to facilitate risk assessment and risk management processes
  • Recruiting, managing, and mentoring security and compliance staff
  • Consulting with lines of business to develop pragmatic solutions that achieve business requirements and maintaining acceptable levels of risk
  • Reporting key, risk based, performance metrics that demonstrate effectiveness of our program and a return on investment for our executives and the board of directors
  • Actively participate in security architecture with information technology, product management, and Engineering
  • Enhancing and maintaining a world-class security infrastructure, controls, and processes
  • Evangelizing security best practices across Arcadia, with customers, and the industry
  • Collaborating with development teams and product/development leadership to improve security within the software development lifecycle
  • Responding to customer requests for security audits and security assessment
  • Providing vision and guidance for security operations tooling and architecture
  • Collaborating with dev teams to apply a shift-left security strategy in the development lifecycle
  • Driving improvements in incident identification and response capabilities and overseeing incident response table-top and integrated testing
  • Ensuring the effectiveness of data backup, recovery, and business continuity capabilities
  • Partnering with business stakeholders to raise awareness of security, privacy, and risk management concerns
  • Supporting compliance and audit requirements including HITRUST, SOC2, ISO27001, and PCI-DSS
  • Assisting with the overall business technology planning, providing a current knowledge and future vision of technology and systems
Arcadia

201-500 employees

Energy tech company
Company Overview
Arcadia's mission is to stop climate change by breaking the fossil fuel monopoly. Their technology is lighting a cleaner path forward for everyone, from everyday consumers and small businesses to the innovators building the next generation of energy products.
Benefits
  • Competitive compensation and paid time off
  • Comprehensive medical, dental, vision, and FSA plans
  • Paid parental leave for everyone
  • Remote work opportunities
  • Professional development and ongoing feedback
  • Company stock options and 401(k)
  • Snacks, beverages, and regular lunches in the office
  • On-site gym, new parent, and wellness rooms in DC
  • Commuter benefits and secure bike storage
  • 100% clean energy match for all employees
Company Core Values
  • Build for good
  • Build for all
  • Build with urgency
  • Build for simplicity
  • Build together