bswift

Senior Manager, Information Security

full-time

Location Type: Remote

Location: United States

About the role

  • Lead execution of the enterprise information security program aligned with business objectives, regulatory requirements, and risk tolerance.
  • Translate security strategy into prioritized roadmaps, operational plans, and measurable outcomes.
  • Maintain and evolve security policies, standards, and procedures for a healthcare SaaS environment.
  • Act as a trusted security advisor to Product, Engineering, IT, and Customer Operations.
  • Ensure strong safeguards for PII and PHI throughout the benefits lifecycle.
  • Support customer security due diligence (questionnaires, audits, BAAs).
  • Partner with Legal and Privacy on risk assessments and regulatory‑appropriate incident handling.
  • Own or support compliance with HIPAA/HITECH, HITRUST CSF, and SOC 2 Type II.
  • Oversee threat detection/response, vulnerability management, IAM, endpoint security, and incident response processes.
  • Lead or coordinate security incident response, including containment, communication, and executive updates.
  • Drive continuous improvement through post‑incident reviews and control enhancements.
  • Partner with Engineering and Infrastructure teams to secure AWS and/or Azure environments, CI/CD pipelines, and SaaS architecture.
  • Ensure security is embedded into SDLC, cloud design, configuration management, and change management.
  • Promote secure‑by‑design and defense‑in‑depth principles.
  • Manage MSSPs/MDRs supporting day‑to‑day security operations.
  • Lead RFPs, vendor evaluations, contract negotiations, and renewals.
  • Oversee third‑party risk for vendors accessing sensitive benefits data.
  • Define and track security KPIs, KRIs, and control maturity measures.
  • Provide concise, meaningful reporting to the CISO and executive leadership.
  • Communicate risks and recommendations in business‑focused language.
  • Build, mentor, and develop a high‑performing security team.
  • Foster a culture of accountability, collaboration, and continuous improvement.
  • Lead security awareness and training programs.
  • Champion a security‑first mindset that supports innovation.

Requirements

  • 8+ years of information security experience, including 3+ years in leadership or people management.
  • Experience operating security programs in SaaS, benefits administration, HR tech, or healthcare‑adjacent environments.
  • Strong working knowledge of:
      • HIPAA/HITECH
      • HITRUST CSF
      • SOC 2
      • NIST CSF or ISO 27001
  • Hands‑on experience with:
      • SIEM / MDR
      • Endpoint protection / EDR
      • IAM
      • Vulnerability management tools
  • Strong understanding of cloud security (AWS and/or Azure).
  • Demonstrated incident response leadership and regulator‑appropriate communication.
  • Experience managing vendors, MSSPs, and third‑party risk programs.
  • Strong project/program management skills.
  • Bachelor’s degree in Information Security, Computer Science, or related field, or equivalent practical experience.

Benefits

  • Comprehensive Health Benefits: Access to health, dental, and vision plans to support your wellness and that of your family.
  • Competitive Compensation: A compensation package that recognizes your skills, experience, and contributions, including performance-based incentives for most roles.
  • Remote first, Office friendly environment! No time to commute? No problem!
  • Retirement Savings Plans: Options to help you plan for a secure financial future with employer-sponsored retirement savings programs.
  • Professional Development: Opportunities for career growth, including training and access to resources to support your career progression.
  • Supportive Culture: A work environment that encourages collaboration, open communication, and creative problem-solving, where your voice and ideas are valued.
  • Employee Wellbeing Initiatives: Programs focused on mental health, financial planning, and wellness resources to help you thrive inside and outside of work.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

information security, security program management, incident response, vulnerability management, IAM, cloud security, SIEM, endpoint protection, project management, security policy development

Soft Skills

leadership, communication, collaboration, mentoring, accountability, continuous improvement, strategic planning, risk assessment, reporting, team development

Certifications

CISSP, CISM, CEH, ISO 27001, NIST CSF, HITRUST CSF, SOC 2, HIPAA, HITECH, Bachelor's degree in Information Security