Job Overview: As CureMD's Information Security Manager, you will oversee the development, implementation, and management of a strategic, comprehensive enterprise information security and IT risk management program tailored to the demands of healthcare IT. You will demonstrate strong proficiency in healthcare IT information security standards, including but not limited to HIPAA, NIST, HITRUST CSF, FedRAMP, ISO/IEC 27001, PCI DSS, and other relevant standards/regulations, ensuring our organization meets compliance requirements effectively.
Job Responsibilities: - Manage and execute a strategic enterprise information security and IT risk management framework, focusing on healthcare IT information security standards.
- Collaborate with business units to conduct risk assessments and manage risk, ensuring seamless integration of policies and standards across technology initiatives, systems, and services.
- Provide direction to the information security team, ensuring robust measures to protect patient data and organizational assets against current and emerging threats.
- Build partnerships across the company to promote risk management awareness and practices.
- Implement strategies for risk assessment and mitigation, safeguarding the organization's assets and ensuring business continuity and disaster recovery.
- Maintain security processes and policies to ensure compliance with local and national health, privacy, and safety regulations.
- Foster a culture of security awareness through training programs and effective communication to minimize risks and liabilities across informational, physical, and financial domains.
- Research and deploy advanced security solutions with a focus on AI-related risks.
- Work with executive leadership to develop budgets supporting security programs, contributing to a multi-year cybersecurity roadmap with clear goals, strategies, and metrics.
- Mentor and guide a skilled security team, fostering cross-functional collaboration, service excellence, and continuous improvement.
- Manage critical security functions such as Incident Response, Third-Party Security Assessment, Identity & Access Management, and Privileged User Access.
- Support governance and control strategies for emerging technologies, including cloud and distributed computing, staying ahead of developing security threats.
- Ensure cyber compliance through collaboration with the Cyber Security Governance Committee (CSG) and Audit Committee.
- Prepare and report on the organization's information security posture to Senior Management and stakeholders.
Qualifications: - Bachelor's degree in Engineering, Cybersecurity, or related field (Master's preferred).
- Hands-on technical experience in health IT risk management with a strong understanding of applicable standards such as HIPAA, HITRUST, and StateRAMP etc.
- Proven leadership in implementing and auditing information security programs.
- Strong analytical, problem-solving, and collaboration skills.
- Relevant certifications (e.g., CISSP, CISM) are desirable.
Compensation and Benefits: - Salary range $125,000 - $140,000.
- Comprehensive medical, dental, and vision insurance.
- Up to 4% employer match for 401(k).
- Commuter benefits and flexible spending account (FSA).
- Generous paid time off (PTO) and paid holidays.
- Hybrid schedule in a brand-new office located in the heart of the Financial District.
- Social events such as happy hours, birthday celebrations and company-sponsored lunches with Grubhub.
- Opportunities for professional development and career growth.
The Difference You'll Make: At CureMD, every role, whether senior or junior, plays a pivotal part in transforming healthcare. By joining our innovative team, you'll contribute to groundbreaking technology that directly impacts patient care, enhances healthcare efficiency, and saves lives globally. Your skills and passion will drive meaningful change, helping us deliver solutions that support healthcare professionals in critical, real-time settings. Together, we're not just advancing technology - we're making a tangible difference in people's lives.
Together, let's save lives.