Oversee the internal cybersecurity program, road map, and strategy, which includes developing and implementing procedures and policies designed to protect Waymark communications, systems, and assets from internal and external threats and that safeguards health information.
Oversee and manage Waymark’s MSSP and outsourced IT vendor, including responsibility for security and IT budgets, and IT tools used by Waymark.
Partner with Product, Engineering, Legal, and Compliance leadership to determine risks and deploy risk management processes, supporting Waymark’s secure software development lifecycle and ensuring that our internally developed products and services meet the expectations of our patients, customers and regulators
Own, define and oversee the necessary security operational functions such as Identity Management, Vulnerability Management, Incident Response, Security Awareness, and Vendor Risk Management
Serve as Waymark’s HIPAA Security Officer, ensuring compliance with the HIPAA Security Rule, working closely with the legal team to document, review, maintain, and implement standards, policies, and procedures within security disciplines.
Lead the strategy, implementation, and maintenance of industry-standard security certifications, including SOC2 Type II.
Conduct research, analysis, and correlation across a wide variety of source data to identify and prevent compromise of our networks, host systems, and data.
Track and report on network security to the Waymark executive leadership team

Requirements

BSCS or equivalent experience in an operational security role
10+ years of experience in security and/or information assurance roles, and risk management, with a strong record of successfully managing information security, including experience working in a healthcare environment, with a strong understanding of HIPAA
Knowledge of information security management frameworks, such as NIST cybersecurity framework
Experience and/or ability to learn and apply hands-on skills in a cloud native production environment
Experience implementing cloud security technologies, including encryption, network security, intrusion detection, and could monitoring
Excellent verbal and written communication skills with the ability to simplify complex topics for understanding and decision making by technical and non-technical audiences.

Benefits

Stock Options: Opportunity to invest in the company’s growth.
Work-from-Home Stipend: A dedicated stipend for your first year to help set up your home office.
Medical, Vision, and Dental Coverage: Comprehensive plans to keep you and your family healthy.
Life Insurance: Basic life insurance to give you peace of mind.
Paid Time Off: 20 vacation days, accrued over the year, plus 11 paid holidays.
Parental Leave: 16 weeks of paid leave for birthing parents after six months of employment, and 8 weeks of bonding leave for non-birthing parents.
Retirement Savings: Access to a 401(k) plan with a company contribution, subject to a vesting schedule.
Commuter Benefits: Convenient options to support your commute needs.
Professional Development Stipend: A dedicated stipend supports professional development and growth.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecurityrisk managementidentity managementvulnerability managementincident responsesecurity awarenessvendor risk managementcloud security technologiesencryptionnetwork security

Soft Skills

communicationleadershipcollaborationanalytical skillsproblem-solving

Certifications

BSCSHIPAA Security OfficerSOC2 Type II certification