Senior Information Security Specialist
Bring your hands-on expertise and compliance mindset to a dynamic, highly regulated environment.
Overview:
We're looking for a Senior Information Security Specialist who thrives in small to mid-sized environments and understands the unique challenges of maintaining security in regulated industries such as healthcare, banking, or financial services. This role offers the opportunity to make a tangible impact, working closely with cross-functional teams to strengthen our security posture, ensure compliance, and implement practical, effective security controls.
You'll work under minimal supervision to support and evolve our Information Security Program, staying ahead of regulatory demands and evolving threats. If you've worn multiple hats, navigated audits, and led initiatives that secured sensitive data across departments, this role is for you.
Key Responsibilities:
- Act as a collaborative security advisor to departments across the organization, translating compliance needs into actionable security controls.
- Support the design, maintenance, and continuous improvement of our Information Security Program to align with standards such as HIPAA, GLBA, NCUA, or PCI-DSS.
- Monitor security systems, investigate alerts, and lead incident response efforts.
- Partner with IT and business stakeholders to manage access controls, ensure secure system configurations, and standardize security practices.
- Review and support vendor integrations, remote access, and third-party connections for security and compliance.
- Assist in the planning and remediation of security assessments, penetration tests, and vulnerability scans.
- Conduct training and awareness initiatives to build a security-first culture among staff.
- Evaluate new security technologies and make recommendations based on practicality and fit for a mid-sized organization.
- Maintain thorough documentation to support audits, risk assessments, and compliance reporting.
What We're Looking For:
Required:
- Bachelor's degree (or equivalent experience preferred).
- Relevant certifications such as CISA, CISM, GCED, or similar.
- 2+ years of direct experience in information security and 4+ years in IT infrastructure or systems.
- Experience implementing and maintaining security controls in regulated environments (e.g., healthcare, banking, financial services).
- Working knowledge of standards like HIPAA, NIST, PCI-DSS, or GLBA.
- Ability to lift up to 40 lbs. occasionally (e.g., IT equipment).
Preferred Experience & Attributes:
- Experience in smaller organizations where flexibility and cross-functional collaboration were key to success.
- Familiarity with both technical and administrative safeguards to protect PII, PHI, and financial data.
- Strong troubleshooting skills and a hands-on approach to problem-solving.
- Demonstrated ability to interpret complex regulations and turn them into operational procedures.
- Experience supporting or leading security audits and regulatory examinations.
- Knowledge of IAM, vulnerability management tools, encryption, firewalls, and endpoint security.
- Clear, proactive communication skills and a team-focused mindset.
What We Offer:
- The opportunity to have a real voice and impact in a growing organization.
- A collaborative culture that values accountability, integrity, and trust.
- Exposure to diverse technology stacks and security challenges.
- A commitment to professional development and continuous learning.