Chief Information Security Officer

Posted 3 Days Ago
Hiring Remotely in USA
Remote
203K-410K Annually
Expert/Leader
Healthtech • Machine Learning • Social Impact • Software
Our mission is to raise the standard of healthcare for everyone.
The Role
The Chief Information Security Officer leads the Information Security team, focusing on safeguarding data for patients, employees, and third-party vendors. Responsibilities include defining security strategies, collaborating across departments, managing security programs, maintaining certifications, and overseeing budget and resources to align with business objectives.
Summary Generated by Built In

The Chief Information Security Officer will be the leader of Information Security at Included Health. This position's primary responsibility is safeguarding patient, employee, customer, and third-party vendor data. You will be responsible for leading the team that designs, builds, implements, and maintains a world-class security program end to end. You will also be the representation for information security with our customers, prospects, investors, and board members.


Security is a strategically important pillar of our business, critical for the sustained growth of our company. This position is an exciting opportunity that requires strong technical competency, a proven managerial track record, and transformational leadership to continue the evolution of our enterprise security program for the future. Bring your best self, sense of humor included - we work hard, but we like to play hard too.

Duties and Responsibilities:

  • Set the mission, vision, and strategy for the Information Security organization and execute to keep our members’ data safe
  • Build trust, whether working cross-functionally with internal stakeholders (like Engineering or Legal) and collaborating externally with our customers, including CISOs and other Security professionals at Fortune 100 companies.
  • Collaborate in a consultative manner with clear focus on our company’s objectives delivering on our mission for our members and clients
  • Provide thought leadership and guidance while ensuring teams are engaged and focused on short-term priorities while establishing the long-term strategy
  • Evangelize information security internally and externally, both with employees and company leadership as well as investors, clients & prospects, as well as board-level committees
  • Continuously expand on the information security roadmap with the respective leaders in the Infosec organization
  • Execute leadership and oversight for the implementation and automation of security capabilities, systems, and services - drive and evangelize the different functions within Information Security to business units and critical stakeholders across the Enterprise, including but not limited to IDS/IPS, SIEM, Vulnerability Management, Architecture Review, SAST/DAST, WAF, Incident Response, and Third Party Risk Management.
  • Manage internal and external security/risk assessments, programs, penetration testing, bug bounty, vulnerability management, etc.
  • Set the strategy and provide oversight to maintain existing security certifications (SOC2 Type 2 and HITRUST), and keep an eye on the future (e.g., FedRAMP and PCI ROC).
  • Collaborate with audit, compliance, and privacy departments to maintain and enhance shared capabilities within the business, product, and services that Included Health provides.
  • Manage capacity, budget, and resource allocation to meet growth initiatives and to ensure alignment with high-value projects to revenue generation, cost reduction, and business objectives.
  • Engage with Senior Leadership to create visibility into relevant Security topics, provide updates on the threat landscape, and discuss mitigation strategies.
  • Set the direction for creating and/or maintaining documentation of relevant standard operating policies and procedures and incorporating OKRs and KPIs to drive and measure the success of the Information Security program.

Qualifications:

  • Previous security leadership experience, ideally leading a Security function
  • Excellent communication skills at an executive level and the ability to dive deeper and document and explain technical details clearly and concisely
  • Previous experience leading Product Security, Governance Risk & Compliance, and Security Engineering
  • Operating expertise in cloud-based service offerings such as AWS, GCP, and Azure
  • Experience in building and scaling a well-rounded security program, including benching to SOC2 / HITRUST / HIPAA standards using NIST controls
  • Thorough understanding of the current threat and attack landscape, latest security trends, and principles
  • Security certifications such as CISSP, OSCP, or CISM are preferred
  • Ability to work collaboratively and cross-functionally across the Enterprise required
  • B.S. / B.A. degree or relevant work experience

Physical/Cognitive Requirements:

  • Prompt and regular attendance at assigned work location.
  • Ability to work shifts of at least 8 hours, 5 days per week.
  • Ability to thrive in a fast-paced, high-intensity work environment.
  • Ability to remain seated in a stationary position for prolonged periods.
  • Requires eye-hand coordination and manual dexterity sufficient to operate keyboard, computer and other office-related equipment.
  • No heavy lifting is expected, though occasional exertion of about 20 lbs. of force (e.g., lifting a computer / laptop) may be required.
  • Ability to interact with leadership, employees, and members in an appropriate manner.

The United States new hire base salary target ranges for this full-time position are:


Zone A: $203,330 - $287,210 + equity + benefits

Zone B: $233,830 - $330,292 + equity + benefits

Zone C: $254,163 - $359,013 + equity + benefits

Zone D: $264,329 - $409,708 + equity + benefits


This range reflects the minimum and maximum target for new hire salaries for candidates based on their respective Zone. Below is additional information on Included Health's commitment to maintaining transparent and equitable compensation practices across our distinct geographic zones.


Starting base salary for the successful candidate will depend on several job-related factors, unique to each candidate, which may include, but not limited to, education; training; skill set; years and depth of experience; certifications and licensure; business needs; internal peer equity; organizational considerations; and alignment with geographic and market data. Compensation structures and ranges are tailored to each zone's unique market conditions to ensure that all employees receive fair and competitive compensation based on their roles and locations. Your Recruiter can share details of your geographic alignment upon inquiry.


In addition to earning a base salary, this role is eligible for a performance-based bonus. Details of the Annual Bonus Plan, including performance metrics, target incentives, and potential earnings, will be discussed during the interview process.


Benefits & Perks:

In addition to receiving a competitive pay, the compensation package may include, depending on the role, the following: 

Remote-first culture

401(k) savings plan through FidelityComprehensive medical, vision, and dental coverage through multiple medical plan options (including disability insurance)

Full suite of Included Health telemedicine (e.g. behavioral health, urgent care, etc.) and health care navigation products and services offered at no cost for employees and dependents 

Generous Paid Time Off ("PTO") and Discretionary Time Off (“DTO")

12 weeks of 100% Paid Parental leave

Up to $25,000 Fertility and Family Building Benefit Compassionate Leave (paid leave for employees who experience a failed pregnancy, surrogacy, adoption or fertility treatment) 

11 Holidays Paid with one Floating Paid Holiday

Work-From-Home reimbursement to support team collaboration and effective home office work 

24 hours of Paid Volunteer Time Off (“VTO”) Per Year to Volunteer with Charitable Organizations


Your recruiter will share more about the benefits package for your role during the hiring process.


#LI-CG1

Top Skills

Information Security
The Company
HQ: San Francisco, CA
2,000 Employees
Hybrid Workplace
Year Founded: 2011

What We Do

Included Health is a new kind of healthcare company, delivering integrated virtual care and navigation. We’re on a mission to raise the standard of healthcare for everyone. We break down barriers to provide high-quality care for every person in every community — no matter where they are in their health journey or what type of care they need, from acute to chronic, behavioral to physical. We offer our members care guidance, advocacy, and access to personalized virtual and in-person care for everyday and urgent care, primary care, behavioral health, and specialty care. It’s all included. Learn more at includedhealth.com.

Why Work With Us

Here, initiative meets purpose. We have bold aspirations that drive our work. We care in a way that shows in everything we do. At Included Health, you will join a team that is propelled by the opportunity to redefine healthcare for all. It's work worth caring about.

Gallery

Gallery

Similar Jobs

SimplePractice Logo SimplePractice

Chief Information Security Officer

Healthtech • Software • Telehealth
Easy Apply
Remote
Santa Monica, CA, USA
440 Employees

Wipfli Logo Wipfli

Software Selection & Process Improvement Construction Consultant

Cloud • Fintech • Software • Business Intelligence • Consulting • Financial Services
Remote
United States
3300 Employees
79K-132K Annually

Wipfli Logo Wipfli

Compliance Consultant I

Cloud • Fintech • Software • Business Intelligence • Consulting • Financial Services
Remote
Hybrid
Milwaukee, WI, USA
3300 Employees

Affirm Logo Affirm

Staff Product Security Operations Engineer (Incident Response Lead)

Big Data • Fintech • Mobile • Payments • Financial Services
Easy Apply
Remote
United States
2200 Employees

Similar Companies Hiring

InCommodities Thumbnail
Renewable Energy • Machine Learning • Information Technology • Energy • Automation • Analytics
Austin, TX
234 Employees
RunPod Thumbnail
Software • Infrastructure as a Service (IaaS) • Cloud • Artificial Intelligence
Charlotte, North Carolina
53 Employees
Hedra Thumbnail
Software • News + Entertainment • Marketing Tech • Generative AI • Enterprise Web • Digital Media • Consumer Web
San Francisco, CA
14 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account