Job type full-time
Full job description
Description: position summary:
Payspan, incIs seeking a full-time, talented vice president, chief information security officer to drive our security program including information assets and associated technology, applications, systems, infrastructure and processes to adequately protect the digital ecosystem in which we operateThe ideal candidate is a driver, with a passion for physical and logical security and a determination to beat the nefarious by staying ahead of industry standards for security while striving to maintain good and efficient user experiences for our customersThis is a role for a visionary leader with sound knowledge of business and security management, hands on skills in security processes and tools, and the ability to build a highly effective security teamFurther, this leader must have the skills to effectively lead across the entire company on behalf of the ceo and shareholders to ensure security prevention, detection, investigation, compliance, and resolution processes are rigorously followedHe or she must have detailed knowledge of cybersecurity technologies, the cyberthreat landscape, and a robust network of security industry contacts to ensure the protection of payspan’s employees, customers and assets.
Payspan is the industry-leading healthcare payments company and our mission, “we simplify healthcare payments” says it allBuilt around the values of integrity, accountability, collaboration and empowerment, the payspan team delivers provider payments, premium payments, quality incentive communications and patient payment products to the health plan and provider marketsA rapidly growing, profitable, private–equity backed innovator, payspan is looking for a vp, chief information security officer to lead payspan’s growing security organization.
The vice president, chief information security officer position will provide leadership of the information security program company-wide including risk-based strategic planning and implementation which incorporates administrative, technical, and physical risk controlsThis role will oversee all management, operations, strategy, direction, growth and execution of the security hands-onfunctions at payspanYou will be setting the direction and culture for payspan’s security principles, practices and standards, reporting directly to the ceoThis position will interact with the c-suite and board.
Ownership of security controls and processes in support of cyber-resilienceThis includes: unified threat management, casb, seim, malware, data loss prevention, anti-phishing, cloud messaging and malware controls.
Provide active monitoring and governance to ensure that third-party technology partners adhere and align to payspan’s relevant security policies, standards and practices.
Ownership of the relevant information security control processing including all information security (technical, process) activities across all domains of information security; access control, connectivity/communications, security operations, ad security and event management.
Support for strategic initiatives including the application and infrastructure establishment and simplification, transparency and value.
Educate and communicate to key stakeholders of new threats, industry trends and applicable laws related to security.
Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation and continuously increase the maturity of the security program.
Develop short and long-term information systems strategies related to infrastructure, security, support and applications that will improve the efficiency of associates.
Ensure business continuity and enterprise risk factors are integrated in the design and operation it systems
Manage and optimize the financial budget.
Develop optimized technologies and processes for the integration of acquired companies.
Develop and launch visual management techniques within it that will lead to improving support, decreasing application downtime and lead to completing of projects on time
Lead and manage key governance components including relevant regulatory and contractual compliance, policy and security awareness and training.
Provide direction and guidance to it operations and manage escalation process with security service providers.
Drive incident response readiness including periodic updates of the global incident response plan, implementation of tabletop training exercises and management of third-party forensics support.
Stay current on cybersecurity threat trends and intelligence.
Keep up to date on new and evolving security technologies and services available in the market.
Intelligent and persuasive leader and manager with good interpersonal, verbal and written communication and presentation skills.
Demonstrated experience designing a comprehensive security program for saas applications and corporate environments including security assessments, red/blue/purple team penetration tests, risk management, threat intelligence, vulnerability management, incident and response, security training, privacy and compliance programs.
Direct experience managing complex information technology programs within the financial and/or healthcare saas space.
Accomplished and effective change manager with leadership responsibility and ability to implement and drive adoption of risk management program as required for payspan.
Direct knowledge of industry best practices (nist, iso, sans, cobit, cert), legislative and regulatory and industry compliance requirements (sox, pci, hipaa, hitech, hitrust, ehnac, etc )
Managed across vendor solutions and consultants, ensuring vendor performance and deliverables meet specifications for security and compliance
Directed members across the organization, ensuring alignment of resources across functions.
Creative, innovate and thorough approach with the ability to work autonomously.
Ability to focus on high quality work while under pressure
Logical, analytic and rational
Strong risk management background in a healthcare financial organization
Ability to manage aggressive time frames and communicate effectively to peers and management
English (oral and written) is a must
Experience and education:
Bachelor’s degree; master’s level degree preferred
Cissp or giac, ccsp (certified cloud security professional) preferred; and cipp (certified information privacy professional preferred
Minimum 10 years work experience in it, including at least 5 in information security leadership
Well versed in pci dss compliance, iso 27001, 27002 standards and the cloud security alliance cloud controls matrix
Must be able to pass the fbi’s background checks to join infragard
This position offers a competitive compensation and benefits package:
Open access to flex pto
10 paid holidays
Competitive medical insurance plans
Dental & vision insurance
Company-sponsored short and long-term disability
401k plan with matching
Life insurance options
Casual attire workplace
Payspan, incIs an equal opportunity employerEmployment at payspan, incIs based upon your individual merit and qualificationsWe don’t discriminate on the basis of race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, physical or mental disability, marital status, protected veteran status or disability, genetic characteristic, or any other characteristic protected by applicable federal, state or local lawWe will also make all reasonable accommodations to meet our obligations under the americans with disabilities act (ada) and state disability lawsAll qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability.
Job type: full-time