Company

At Circulo, we believe that everybody, no matter who they are, deserves personalized and proactive health care. With services guided by empathy, innovation and cutting-edge technology, we’re building the future of care focused on better health for the people we serve. Circulo Health is putting humanity back in health. We’ve built a team of talented, enthusiastic professionals. Join us today.

The Role

Circulo is hiring a Director of Security to help build and manage a team focused on DevSecOps, application security, data security and compliance, incident response, and other security-related activities and functions. In this role you will partner closely with business stakeholders, our infrastructure and IT teams, and engineers across the organization to assess and improve the safety of our internal applications, and ensure our applications and data are secure and HIPAA compliant.

Who we are looking for in Information Security:

• You are a self-driven and motivated person with a strong passion for cybersecurity and excellent communication skills with diverse audiences, both oral and written.
• You have a proven ability to document information security processes, procedures, and validation of remediation. 
• You have a track record of seeing projects and efforts through to completion.
• You can interpret and consistently apply a wide variety of complex policies and procedures where specific guidelines may not always exist.
• You have a strong familiarity with cybersecurity fundamentals (e.g. authentication, authorization, confidentiality, integrity, availability, etc.) and in-depth experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.
• You have a working knowledge of industry compliance standards (e.g. HIPAA, FERPA, PCI, etc.) and an awareness of the current threat landscape.
• You have experience in security assurance practices (threat modeling, code and design reviews) and a history implementing SDLC programs and scaling security efforts.
• You have knowledge of MITRE ATT&CK Framework and penetration testing practices.
• You have eight (8)+ years of enterprise experience working in security-focused rolesYou have at least one cybersecurity certification, ideally CISSP (CISM, CEH, CompTIA Security+, etc.) 
• It would be great if you have experience working with AWS tooling.

Who we are looking for in Management Skills:

• You have the ability to interact with personnel at all levels across the organization and to comprehend business imperatives.
• You have the ability to work under pressure and instill confidence in other employees.
• You have the ability to make critical decisions and to maintain composure during critical events.
• You have strong analytical and research skills and the ability to gather, evaluate, and to develop well-reasoned conclusions and recommendations.
• You have an exceptional ability for maintaining confidentiality at all times.
• It would be great if you have experience conducting employee training.You have four (4)+ years of experience in a security management role.

What you will do

• As Director of Security, you will be the primary resource responsible for performing all tactical cybersecurity work at Circulo.
• You will be involved in Circulo’s compliance needs where they intersect with software products, information systems and information technology, and will participate in audits of Circulo's compliance and make recommendations for how to address any findings.
• You will participate in active threat intelligence efforts to ensure that Circulo is aware of changes to the threat landscape and will make recommendations for how to mitigate these threats, and implement the mitigations when approved.
• You will participate in all cybersecurity incident response activities, and depending on the scope of the incident, you may be the key person managing incident response
• You will proactively scan and monitor Circulo's technology ecosystem to identify existing, new or potential threats to Circulo.
• You will be a primary resource for providing a variety of cybersecurity trainings using different delivery methods to Circulo's employee base.
• You will manage a team of security engineers and managers, and will work with the CTO to manage team priorities, timelines and risk.
• Given large, ambiguous problems, you will independently determine solutions.
• You will influence senior leaders/engineers across teams on security engineering strategy, and you will stay aware of changes across the company to anticipate obstacles.
• You will hire new engineers and technical managers.
• You will mentor engineers and engineering managers, and manage engineer career development.

Our Perks...Here are some highlights:

• Medical, dental, and vision: 100% of premiums are covered by Circulo for quality care for all team members and their dependents
• Vacation: Time off is unlimited and required (minimum of 3 days per quarter)
• Stock options: All team members receive stock options
• 401(k) program: All team members have access to our 401(k) savings program and all administration costs are covered by Circulo along with providing a 3% match
• Parental leave: 10 weeks fully paid time off for all new parents with flexible scheduling

#BI-Remote

#LI-Remote