This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

This is a hands-on role for a highly motivated and experienced Information Security Officer. In this quickly developing organization, you will be expected to be a strong team player who can also independently drive key security initiatives as the information security department matures. This role requires a blend of technical expertise and managerial experience.

• Develop and implement security policies, standards, and procedures in collaboration with relevant teams to protect organizational data and systems.
• Document data architecture, integrations, and security controls, ensuring ongoing maintenance and adherence to security best practices.
• Manage and lead an Information Security team, partnering with key stakeholders in IT, Technologies and other parts of the business as needed.
• Continuously analyze and anticipate enterprise-wide security needs, including threat detection, incident response, and capacity planning.
• Manage organizational security tools, including zero-trust access tools, to support secure authentication (e.g., SSO, O-Auth) and access control across all applications.
• Oversee the management of MDM suites across Windows, Mac, and mobile devices, including inventory management, software deployment, and endpoint security policies.
• Conduct continuous analysis of security processes, technologies, and vendors to identify and implement improvements that enhance our security posture.
• Monitor vendors to ensure they meet security requirements and provide the best possible service and value via Third Party Risk Reviews and other needed processes.
• Develop and conduct security training for employees to promote a security-aware culture.
• Document support models for endpoints, cloud assets, mobile devices, and SaaS applications (e.g., Okta, Google Workspace), focusing on secure configuration and maintenance.
• Prepare cost-benefit analyses for security upgrades and new technologies.
• Ensure that our security measures and technical capabilities align with audit standards, such as SOC2 and NIST.
• Follow standards set for Information Security Officer as set forth in NIST 800-53.
• Efficiently manage our security software and hardware inventory, including licensing and cost management.

Qualifications

• At least three years of experience in a role focused on information security, with a strong emphasis on endpoint management in a zero-trust environment.
• A proven track record of troubleshooting, documentation, and managing information security policies and best practices.
• Strong practical knowledge of scripting, programming, encryption, and digital security.
• In-depth understanding of network architecture and security principles, including cloud-based security (e.g., cloud access security brokers, firewalls, and security monitoring).
• Expertise in SaaS application operations, integrations, and secure onboarding, particularly with platforms like Google Workspace.
• Experience with and deep knowledge of security frameworks and compliance standards, such as ITIL, SOC2, NIST SP 800-171, PCI, and HIPAA.
• Excellent communication, interpersonal, and leadership skills, with the ability to manage conflict and provide effective guidance.
• Superior problem-solving, critical thinking, and decision-making abilities.
• Great project management skills, including organization, planning, time management, and prioritization.
• Excellent attention to detail and a customer service mindset.

Benefits

• Medical, dental and vision insurance
• $4,400 annual HSA contribution
• Paytient Health Payment Account (HPA)
• Monthly lifestyle spending stipend
• Five weeks of annual PTO
• Week-long fully paid 'summer break' for all employees!
• Ten weeks of bonding leave for new parents
• Two weeks of caregiver leave
• Employer paid short-term and long-term disability
• 401k plan access with a 4% employer match
• Stock options in Paytient
• ...and more!