Cybersecurity Officer

About The Position

Requirements

• BSCS or equivalent experience in an operational security role
• 10+ years of experience in security and/or information assurance roles, and risk management, with a strong record of successfully managing information security, including experience working in a healthcare environment, with a strong understanding of HIPAA
• Knowledge of information security management frameworks, such as NIST cybersecurity framework
• Experience and/or ability to learn and apply hands-on skills in a cloud native production environment
• Experience implementing cloud security technologies, including encryption, network security, intrusion detection, and could monitoring
• Excellent verbal and written communication skills with the ability to simplify complex topics for understanding and decision making by technical and non- technical audiences

Nice To Haves

• Key industry certifications in information security, such as CISSP, CISM and CISA
• Experience in a startup of 100 - 500 people
• Experience with securing a production SaaS product hosted in AWS
• Experience conducting or managing technical audit engagements, or directly responding to auditor inquiries

Responsibilities

• Oversee the internal cybersecurity program, road map, and strategy, which includes developing and implementing procedures and policies designed to protect Waymark communications, systems, and assets from internal and external threats and that safeguards health information.
• Oversee and manage Waymark’s MSSP and outsourced IT vendor, including responsibility for security and IT budgets, and IT tools used by Waymark.
• Partner with Product, Engineering, Legal, and Compliance leadership to determine risks and deploy risk management processes, supporting Waymark’s secure software development lifecycle and ensuring that our internally developed products and services meet the expectations of our patients, customers and regulators
• Own, define and oversee the necessary security operational functions such as Identity Management, Vulnerability Management, Incident Response, Security Awareness, and Vendor Risk Management
• Serve as Waymark’s HIPAA Security Officer, ensuring compliance with the HIPAA Security Rule, working closely with the legal team to document, review, maintain, and implement standards, policies, and procedures within security disciplines.
• Lead the strategy, implementation, and maintenance of industry-standard security certifications, including SOC2 Type II.
• Conduct research, analysis, and correlation across a wide variety of source data to identify and prevent compromise of our networks, host systems, and data.
• Track and report on network security to the Waymark executive leadership team

Benefits

• Stock Options: Opportunity to invest in the company’s growth.
• Work-from-Home Stipend: A dedicated stipend for your first year to help set up your home office.
• Medical, Vision, and Dental Coverage: Comprehensive plans to keep you and your family healthy.
• Life Insurance: Basic life insurance to give you peace of mind.
• Paid Time Off: 20 vacation days, accrued over the year, plus 11 paid holidays.
• Parental Leave: 16 weeks of paid leave for birthing parents after six months of employment, and 8 weeks of bonding leave for non-birthing parents.
• Retirement Savings: Access to a 401(k) plan with a company contribution, subject to a vesting schedule.
• Commuter Benefits: Convenient options to support your commute needs.
• Professional Development Stipend: A dedicated stipend supports professional development and growth.