Infosec Manager

San Francisco, CA

Grand Rounds logo
Grand Rounds
Apply now Apply later

Posted 4 weeks ago

About us:Grand Rounds is a new kind of healthcare company. Founded in 2011, the company is on a mission to raise the standard of healthcare for everyone, everywhere. The Grand Rounds team goes above and beyond to connect and guide people to the highest quality healthcare available for themselves and their loved ones. Grand Rounds creates products and services that give people the best possible healthcare experience. Named a 2019 Best Place to Work by Glassdoor and Rock Health’s 2018 Fastest Growing Company, Grand Rounds works with inspiring employers and doctors to empower them to be the change agents we need to make our shared vision a reality.
About the role:Grand Rounds is looking to hire an Information Security Manager! In this role, you will be helping Grand Rounds change the standard of security in healthcare, and help us build our Security Engineering and Operations team. You will be working with developers, engineers, data scientists, and other professionals to ensure our platform, application, and member experience are secure.

Responsibilities:

  • Manage and grow the Security Engineering and Operations team at Grand Rounds for both corporate and cloud infrastructure, delivering to the organization's charter, roadmap, and OKRs
  • Establish and maintain a strong working relationship with the Platform Engineering and Corporate IT team to incorporate security best practices, process, and unify our capabilities between cloud and corporate infrastructure.
  • Define and build Grand Rounds’ IT Security program, and technology/architecture, including: Secure Access model, Network Security, and Endpoint Protection for the overall enterprise footprint.
  • Provide technical authority, vision, and guidance to plan, develop, and execute Information Security vision and roadmap.
  • Team player, influencer, and mentor for direct reports and other Information Security staff.
  • Drive operational efficiency and effectiveness for areas of responsibility.
  • Ensure strong documentation, knowledge overlaps, metrics-driven action.
  • Excellent communication skills to effectively inform and influence security recommendations and decisions along with building and maintaining relationships across the enterprise.

Qualifications:

  • Bachelor’s Degree in Computer Science or a related field and 10 years experience in Information Security.
  • CISSP, and/or CISM certifications.
  • Experience working with common security vendors (for endpoint, MSSP, and vulnerability management), budget forecasts, Jira workflows, and Information Security program management/technical program management.
  • Technical depth and breadth across a wide variety of Information Security domains and subjects: Network Security, Identity and Access Management, Security Engineering, Security Operations, Third Party Risk Management, Compliance, Security Policies, BCP/DR, and Product Security.
  • Self-starter, to help drive, define, and continue the buildout of the Security Engineering and Operations team, roadmap, and roles/responsibilities.
  • Discussion and collaboration mindset. Engaging in healthy, constructive debates is key to our teams to innovate and plan for the future, of which Information Security plays a key role.
  • Experience in implementing controls and supporting audit or evidence requests for information security compliance programs including PCI, ISO 27001, HITRUST, and SOC 2
  • Previous experience working in a startup environment
-----Grand Rounds is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics or any other basis forbidden under federal, state, or local law. Grand Rounds considers all qualified applicants in accordance with the San Francisco Fair Chance Ordinance.
Job tags: Architecture CISM CISSP HITRUST ISO 27001 Network security PCI SOC 2 Vulnerability management