Director of Information Security
Jellyvision is hiring a Director of Information Security
Jellyvision’s headquarters is in Chicago, and, post-COVID, many of us will be returning to the Chicago offices (by choice, not requirement -- our philosophy is “Flexible First”). But this position is also eligible for work by a remote employee out of CA, DC, FL, GA, IL, IN, KY, MA, MI, MN, NE, NY, NC, OH, OR, PA, SC, TX, UT, VA, WA, or WI.
What we do
We’re the proud parents of ALEX®, an interactive employee communications platform that makes choosing (and using) employee benefits easier and more enjoyable. Our credo is a simple one: be helpful. And we think the best way to achieve that is with a staff that reflects the vast range of ideas, perspectives, and experiences of the millions of people who use our products.
Who we are
Jellyvision is committed to continuous evolution and to fostering a more diverse and inclusive workplace where everyone is welcomed, valued, and respected. It doesn’t matter your race, ethnicity, religion, sexual orientation, age, marital status, disability, gender identity, sex, or country of origin...we just want amazing people who are willing to grow along with us.
How you’ll help
The Director of Information Security will be accountable for our Information Security program, and will ensure we continue our commitment to securing and protecting the information of our customers & users. This person will understand the importance of security and compliance, how they work differently, but also how they fit together as pieces of the protection puzzle. The Director will partner collaboratively with various stakeholders to create sustainable security practices to secure our SaaS platforms, as well as build trust with customers via Compliance programs.
Experience you’ll need
- 5+ years of experience directing an information security program.
- Leadership: knowledge as a senior information security leader within a highly regulated industry, as well as management skill sets for a team of information security and risk management professionals.
- Frameworks and standards: familiarity with one or more of the following NIST CSF, ISO 27001, SOC II or PCI
- Sales support: to sell our products, customers and partners must have confidence that Jellyvision’s infrastructure is sufficient to protect their data. You are in charge of making sure prospects are satisfied with our processes and protections – both by empowering others with accurate information and by front lining efforts with more challenging prospects.
- Application security: a working knowledge of application security, preferably in the healthcare industry, including having done security architecture reviews, knowledge of application technologies and frameworks, expert level knowledge of security weaknesses and vulnerabilities, expert level knowledge of remediation and mitigation techniques.
- Application development: expertise of modern application development practices, and how security can be weaved into the processes and the technology to enable secure solutions
- Risk management: proficient in running risk assessments and leading a risk management team.
- Healthcare industry: HIPAA implementation, preferably with an organization that did application development.
- Security Operations: hands-on experience working with either an internal or external security operations center, including experience working with an incident management program.
- Security Certified: one of the following security focused certifications: CISSP, CISM, or CISA.
Skills you’ll need
- Balances Stakeholders
- Communicates Effectively
- Decision Quality
- Instills Trust
- Manages Ambiguity
- Organizational Savvy
- Collaborates
Thanks for your interest in Jellyvision!