VP of Information Security
As VP of Information Security, you’ll be responsible for creating and managing a global, enterprise wide security strategy and program. Reporting to the CTO, you will work cross functionally with our Engineering, Product, Operations, and HR teams to create strategies, policies, and frameworks as they relate to application security, compliance, and security operations.
What You'll be Doing:
Define and drive Sword's Information Security roadmap, strategy, tactics, and execution
Architect programs and processes that evaluate and enhance Sword's Information Security policies and ensure the security of Sword's security perimeter through monitoring, remediation, reporting, and auditing
Partner with Sword's engineering and product teams during scoping and execution of all roadmap deliverables to ensure that security concerns are treated as first class product requirements
Respond appropriately and effectively to security-related incidents and report back to key internal and external stakeholders
Participate in externally requested security audits from partners
Lead efforts to continuously review and update company-wide Information Security policies to align with industry best practices
Oversee and coordinate security efforts across the company alongside Privacy, Engineering, Ops, HR, Product, and more
Stay up to date with IT/Security industry trends and evaluate new solutions & techniques
Launch company-wide security initiatives and training
Partner with commercial and customer success teams to support customer acquisition and retention.
What You'll Need to Have:
~10 years of experience building and leading security teams focused on all aspects of cybersecurity, including identity management, software security, GRC, and security operations, with increasing responsibilities
Overseen security teams and vendor management
Experience leading SOC 2, HITRUST, CMMC, FedRAMP or similar audits and/or certifications
Ability to lead and motivate cross-functional teams while thriving in a fast-paced growing company
Self-motivation and drive to go above and beyond
Excellent communication, interpersonal and leadership skills, able to communicate security concepts to both technical and nontechnical audiences
Experience with IT risk management standards, practices, methods, and frameworks including ISO 27001, COBIT and NIST CSF
Drive the implementation of an effective digital health program to enhance the patient experience and improve overall outcomes
Expertise in healthcare financial management, including IT budgeting, financial planning, and operations.
We'd Love to See:
Superior level of mentorship, leadership, and collaboration
Professional certifications such as CISSP, CISM, etc are preferred
Prior experience in digital health and health care
Experience in a high growth company
Possesses a functional knowledge of ITIL practice
Experience in building clinical informatics, digital health, and data analytics programs
Demonstrated understanding of cyber security and potential threats/current landscape
Functional knowledge of Epic Electronic Medical Records (EMR) system.