We are BUILDING HEALTH SAVINGS. Come be part of remarkable.
How you can make a difference
We are looking for an influential, collaborative, and passionate leader to join our team as Chief Information Security Officer. You will serve as a central point of strategic planning, coordination and execution of cyber and information security activities across the company. This role will directly manage our security teams focused on application security, identity and access management, governance and compliance, and incident response. You will work across multiple departments to bring a holistic approach to the company’s information security initiatives.
You will have previous hands-on experience with complex Information Security solutions and business applications, communicate clearly, and juggle multiple priorities in a fast-paced environment. This role supports and provides critical analyses and insights to help drive business decisions in a dynamic and fluid organization. This role focuses on staying abreast of the latest thought leadership, technology, and industry developments around cybersecurity, is the primary liaison to peers, partners, and law enforcement as it relates to security activities and incident response.
What you will be doing
- Define the InfoSec vision, strategy and lead the team to execute on that strategy.
- Develop the InfoSec program and implement the associated cross functional working processes.
- Cross organization communication, reports related to InfoSec status and associated risk levels.
- Strong leadership and process development skills
- Excellent organization and decision making skills
- Drive process for security assessments, initiative prioritization, and scoping.
- Establish recurring and long-range security and compliance goals and KPIs.
- Further develop, maintain, and run the Information Security Management System (ISMS) and related enterprise-wide policies and programs to ensure information assets are protected, technology systems are secure, and security and business continuity risk/reward decisions are balanced and comply with external regulatory requirements while maintaining an understanding of the challenges facing the business.
- Define metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements.
- Coordinate with the Privacy and Product Teams to ensure security and privacy by default and design practices are followed in product lifecycle.
- Recruit and retain high-performing cybersecurity talent. Mentor and directly manage the team towards its core mission.
- Participate and contribute to internal and external audits, including partner assessments, relevant to information security and compliance.
- Create education and awareness programs and advise teams at all levels on security issues, best practices, and vulnerabilities.
- Keep abreast of security incidents and act as primary control point during significant information security incidents.
- Enhance an incident response program and protocol. Convene the Security Incident Response Team as needed to address and investigate security incidences that arise as well as review changes that have the opportunity to introduce greater risk to the organization.
- Perform special projects and other duties as assigned.
What you will need to be successful
- BS or MS (preferred) in an Information Technology related field, or equivalent relevant experience.
- 12 years of professional experience in technical environments, with at least 4 of those years focused on cybersecurity and at least 5 years of management experience.
- Experience in a complex financial services and/or healthcare environment.
- Deep knowledge of regulatory/compliance requirements.
- An active and engaging thought leader who can plan, manage and execute on deliverables. Graceful and controlled under pressure.
- Experience leading teams and leading projects with the highest level of integrity and management of confidential information.
- A collaborative team player – concerned with the team’s success as well as individual performance.
- Curious and energetic. Avid student of changing industry requirements and the technologies that drive results.
- Ability to manage multiple priorities and meet deadlines in a fast-paced environment with attention to detail to ensure highest level of quality in reports and analysis.
- Excellent problem solving, critical thinking, and analytical abilities. High tolerance for ambiguity and complexity, and efficient with limited resources. Intellectual curiosity and passion to drive results. Enthusiastic advocate of security.
- Strong Knowledge of following technologies and standards:
- Identity Management
- LAN/WAN Network security, VPNs and firewalls
- Endpoint protection, device and mobile security
- Cloud security & Data encryption
- Intrusion Detection and Prevention
- ISO, ANSI, and NIST standards around cybersecurity
- ISO / IEC 27002, ISACA and COBIT
- State and Federal laws governing public companies as related to Information Security
Benefits and perks
- Medical, Dental, Vision
- 401(k) match
- Paid Maternity/Paternity leave
- Ongoing education
- Tuition Assistance
- Gym/Fitness Reimbursement
- Purple with Purpose (paid volunteer time off)
- HSA contribution and match
- On site Lunch and Learns
- Award winning Wellness Program
- Consumer Driven Healthcare (CDH) education
Why work for HealthEquity
HealthEquity has a vision that by 2030 we will make HSAs as wide-spread and popular as retirement accounts. We are passionate about providing a solution that allows American families to connect health and wealth and build health savings for life. Through our innovative technology and superior service delivery, our members gain valuable insights to better save and spend their healthcare dollars.
We firmly believe that our team members drive the success of this company. We hire passionate contributors who enjoy the thrill of pioneering their positions to their full potential. Join us and discover a work experience where the person is valued more than the position, and where are our purple culture drives a remarkable experience.
Our advice to you
HealthEquity is fiercely focused on hiring passionate individuals to contribute to our purple culture. If you speak passion, excellence, service, ambition, fun… we want to speak with you! We believe that your personality is as important as your experience and qualifications so when we do have the opportunity to speak together, be authentic, be genuine, be you! Showcase your experience and your passion.
HealthEquity, Inc. is a proud promoter of equal opportunities for training, compensation, transfer, promotion, and other aspects of employment for all qualified applicants and employees. HealthEquity, Inc. support Equal Employment Opportunities without regard to sex, race, color, religion, national origin, age, disability, sexual orientation or veteran status when hiring – under federal, state and local laws.