Chief Information Security Officer

Chief Information Security Officer

Concord is seeking a passionate Chief Information Security Officer (CISO) to join our highly collaborative team. Are you a passionate guardian of digital assets with experience in healthcare and associated environments? Do you enjoy being the strategic force behind our Information Security compliance and risk function? If so, then Concord is the place for you! You will ensure compliance with PCI, HIPAA, CCPA, CPRA, GCPR, and other privacy laws, ensuring the security, privacy, and integrity of our digital assets and customer data is maintained.

Reporting directly to the CTO, you will be driving strategic planning, governance, and operational oversight; designing and executing the company's Information Security program. Join us in this critical digital safeguarding mission, where your leadership ensures that our customer’s information landscape is secure, private, and always in integrity. Seattle location is preferred.

Essential Functions:

• Develop and implement a comprehensive cybersecurity strategy that aligns with the company's business objectives and industry best practices.
• Actively evaluate portfolio products and operations for vulnerabilities and collaborate with Engineering and Platform Operations on mitigation tactics.
• Communicate actively about status of the company security posture across departments and systematic reduction in attack surfaces.
• Develop and implement policies and procedures to ensure compliance with PCI, HIPAA, CCPA, CPRA, GDPR, and other privacy laws and regulations.
• Collaborate with cross-functional teams, including Legal, Technology, Operations, and Business units, to implement security and privacy initiatives.
• Ensure appropriate security and privacy controls are in place, including monitoring, testing, and reporting.
• Lead the response team in trials and actual response in the unlikely event of an exposure.
• Work with the Legal team to respond to regulatory inquiries, investigations, and audits.
• Manage relationships with external auditors, regulators, and vendors to ensure compliance with applicable laws and regulations.
• Lead the development and implementation of the organization's privacy program, including data governance, data mapping, and data retention policies.
• Monitor and maintain security infrastructure and frameworks while analyzing, planning, and making recommendations for changes to ensure consistency.
• Ensure compliance with the changing laws and applicable regulations. Stay updated on the latest cybersecurity threats, vulnerabilities, and trends, adapting security measures accordingly. Translate that knowledge to identification of risks and actionable plans to protect the business.

Job Qualifications:

• MS/MA Degree, or additional 6 years of relevant information and network security experience. Master of Science in Information Security or Cybersecurity is preferred.
• Minimum 8 plus years’ experience in Management/Leadership.
• Minimum of 8-12 years or work experience as an Information Security practitioner, compliance, or related role.
• Certified Chief Information Security Officer (CCISO), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or Certified Information Security Auditor (CISA) and formal Information Security education is required.
• Experience in the evaluation and implementation of enterprise-wide Information Security technologies and concepts. These may include but are not limited to: Data Loss Prevention, Security Event Management, GRC Tools, Data Classification, Data Mapping, Data Retention.
• Proven experience of effectively managing through an Information Security incident, external attack, or data breach, and as a result, strengthening the organization’s Information Security posture to prevent future events or can demonstrate how their proactive efforts and foresight as an Information Security leader have prevented such an incident from occurring in the first place.
• Experience working in a multi-product environment.
• Proven and effective team leadership and collaboration skills, with the ability to work effectively with others through conflicting pressures and priorities while resolving complex issues.

The compensation range for this role is $200,000 - $230,000. Range can flux dependent on experience.

Additional employee benefits at Concord Technologies:

• 401K plan w/ 6% company match (vests immediately)
• Flex-Time off + sick time
• 10 company holidays
• Full suite of health benefits (Medical, Dental, Vision)– employee only coverage covered at 100% (no employee cost). For employees + dependents, Concord covers 60% of premiums.
• Voluntary insurance options:
  • Pet insurance
  • Employee Life and AD&D
  • Spousal Life and AD&D
  • Child Life and AD&D
• Paid Parental Leave program
• Free unlimited ORCA card (Seattle area residents)
• Employee Rewards and Recognition through NectarHR
• Unlimited access to Udemy for Business

About Concord Technologies:

Concord Technologies is a provider of secure document exchange, intelligent document automation, and workflow solutions to healthcare providers, payers, and other highly regulated businesses. Concord’s suite of solutions has been providing swift and secure document transmission for more than two decades, transmitting 3 billion pages a year while supporting more than 2500 organizations every day.

Concord is also recognized for its best-in-class development of new artificial intelligence technologies and industry-leading applications that help its customers grow and manage their business. Concord’s superior service and forward thinking have been rewarded with a client retention rate of more than 98% year over year.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.