Chief Information Security Officer

Summary

Join Honest Health as their Chief Information Security Officer (CISO) and lead the development and implementation of the organization's information security strategy. This director-level position requires a deep understanding of healthcare regulations (HIPAA, HITRUST, NIST) and involves developing and maintaining a comprehensive information security program. You will oversee incident response, collaborate with various teams, and ensure compliance. The ideal candidate possesses a Bachelor's degree in information technology (Master's preferred), 7+ years of IT experience (5+ in leadership), and 5+ years in healthcare. Honest Health offers a competitive compensation package, including a comprehensive benefits package, performance-based bonuses, 401k matching, paid time off, flexible work arrangements, and professional development opportunities.

Requirements

• Bachelor’s degree in information technology or related field of study required
• 7+ years of experience in Information Technology Enterprise and Infrastructure with at least 5 years in leadership roles
• 5+ years of experience of operational delivery in a healthcare environment
• Thorough knowledge of state-of-the-art information security practices
• Thorough knowledge of technical infrastructure security components and integrated computerized rules-based systems
• Thorough knowledge of Federal and State privacy and security laws and regulations and industry best practices as they relate to healthcare information security
• Ability to manage the security of health information across a widely dispersed workforce with a variety of information mediums
• Ability to read, interpret and apply technical information and business level requirements
• Ability to analyze and resolve security problems quickly
• Ability to direct and evaluate the work of lower-level staff and vendors
• Ability to communicate effectively, both orally and in writing
• Ability to establish and maintain effective working relationships with a diverse constituency

Responsibilities

• Develop and continuously evaluate and evolve Honest’s information security roadmap and posture
• Develop, implement, and monitor a comprehensive enterprise information security and risk management program, in collaboration with our Compliance team and other business partners
• Align and prioritize actions within the cyber security program that align with our organization’s objective goals, meets the needs of our partners and focuses on data protection, threat management, and risk mitigation
• Ensure compliance with healthcare regulations including HIPAA, HITRUST, and other applicable standards
• Oversee incident response planning, and the investigation of any security incidents, ensuring timely reporting to the executive team and all relevant stakeholders
• Collaborate with our business partners across the organization to integrate security best-practices across the organization
• Oversee and evaluate third-party security assessments to ensure vendor compliance with organizational security policies and industry standards. Collaborate with both our People and Culture and Marketing teams on security training and awareness programs for all staff to help foster a culture of security awareness
• Provide regular reports to the executive team and board on the status of the information security program and emerging threats
• Implement, manage and enforce information security directives as mandated by Federal and State regulations, including but not limited to the Health Insurance Portability and Accountability Act (HIPAA)
• Develop and enforce policies and procedures and provide oversight of functional areas including, but not limited to: workforce training involving confidentiality, integrity and availability of data within Honest’s electronic systems and cloud-hosted data
• Work across the organization to ensure that the access control, disaster recovery, business continuity needs of the organization are properly addressed
• Conduct research in and stays current with security vulnerabilities and remediation efforts
• Perform other related responsibilities as required

Preferred Qualifications

Master’s degree in business or IT fields

Benefits

• Competitive Compensation
• Attractive base salary with performance-based bonuses and rewards
• 401(k) plan with a generous company match, fully vested from day one
• Comprehensive Health and Wellness Benefits
• Flexible health, dental, and vision insurance options tailored to your needs
• Company contribution towards health savings accounts (HSA) for high-deductible health plan (HDHP) participants
• 100% company-paid short-term disability, long-term disability, and life insurance
• Wellness programs and resources to support your physical and mental health
• Generous paid time off, including vacation, sick leave, and 11 paid holidays annually
• Two paid volunteer days to support causes you're passionate about
• Flexible work arrangements to accommodate your lifestyle
• Robust onboarding program and ongoing training opportunities
• Reimbursement for role-related continuing education and certifications
• Paid parental leave for new parents
• Dependent care flexible spending accounts
• Support for work-life integration
• Work alongside professionals who share your commitment to Honest's high-quality, value-based care model
• Opportunities to contribute to meaningful projects and initiatives
• Team member recognition programs
• Team-building events and social activities