Chief Information Security Officer

Fenton, MO, US


Description

Soleo Health is seeking a Chief Information Security Officer to enhance and safeguard our company's IT infrastructure. Join us in Simplifying Complex Care!


Soleo Health Perks:

Competitive Wages  

401(k) with a Match 

Referral Bonus    

Paid Time Off 

Great Company Culture     

Paid Parental Leave Options 

Affordable Medical, Dental, & Vision Insurance Plans 

Company Paid Disability & Basic Life Insurance 

HSA & FSA (including dependent care) Options 

Education Assistance Program   


The Position:

The Chief Information Security Officer (CISO) will report directly to the Chief Information Officer (CIO) and holds a pivotal executive technology leadership role. This position is crucial for shaping and executing the company's cybersecurity strategy, ensuring the protection of information assets, and maintaining compliance with industry standards within the healthcare sector. The CISO will develop, recommend, and implement comprehensive security measures that leverage advanced technologies and best practices to safeguard sensitive data while adhering to healthcare regulations. Responsibilities include:

  • Cybersecurity Strategy Development: Develop and implement a robust cybersecurity strategy that aligns with the organization's overall objectives and industry standards. Apply a risk-based approach to identify, prioritize, and mitigate risks to enhance patient data security and protect against cyber threats.
  • Governance and Compliance: Establish and enforce information security policies to ensure data integrity, confidentiality, and compliance with healthcare regulations, including HIPAA, HITRUST, and HITECH. Develop frameworks for consistent security practices across the organization.
  • Healthcare Data Security: Implement advanced data security measures to protect sensitive healthcare information. Ensure compliance with data privacy laws and safeguard patient information from breaches and unauthorized access. Lead efforts to enable the organization to achieve HITRUST certification.
  • Risk Management: Conduct regular risk assessments and vulnerability analyses to identify and address potential security threats. Prioritize action plans based on a risk-based approach to minimize potential impact. Develop and maintain incident response plans to manage data breaches and other security incidents effectively.
  • Security Infrastructure Management: Lead the design and implementation of scalable security architecture tailored to healthcare applications. Ensure the efficient and secure collection, storage, and retrieval of data across all business units.
  • Team Leadership: Build and manage a lightweight, high-performing information security team over time, fostering a culture of continuous learning and innovation. Develop training programs and career paths to attract, retain, and grow top cybersecurity talent.
  • Cross-Functional Collaboration: Work with senior leaders to integrate security measures into all aspects of the business. Promote a security-centric culture and advocate for proactive risk management and data protection.
  • Technology and Vendor Management: Evaluate and implement cutting-edge security technologies and tools. Manage relationships with external vendors and partners to ensure optimal solutions and services, focusing on healthcare-specific technologies and compliance requirements. Develop a framework to efficiently assess new technology software and partner requests within the organization. 
  • Performance Measurement: Develop and track key performance indicators (KPIs) to measure the effectiveness of security initiatives. Provide regular updates to the executive team on the progress and impact of security strategies, particularly in relation to compliance, risk reduction, and incident response.

Requirements

  • Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field; advanced degree in Information Security, Business Administration, Healthcare Administration, or a related discipline preferred.
  • Minimum of 10-15 years of experience in information security and technology roles, with extensive experience in the healthcare sector including familiarity with healthcare data security practices, regulations, and standards.
  • Expertise in advanced security technologies (e.g., encryption, intrusion detection, DLP, incident response) and proficiency in security management tools and platforms (e.g., SIEM, IDS/IPS, DLP).
  • Strong understanding of security architecture and infrastructure design tailored for healthcare applications.
  • In-depth knowledge of healthcare regulations, such as HIPAA, HITRUST, and HITECH, with experience ensuring compliance with healthcare data privacy and security standards.
  • Proven ability to lead and manage a high-performing security team, with experience in talent management, training program development, and fostering a culture of continuous learning and innovation.
  • Ability to formulate and execute security strategies that align with business objectives and industry standards, driving transformational change and positioning the organization as a leader in healthcare data security.
  • Excellent communication and interpersonal skills, with the ability to effectively collaborate with senior leaders and cross-functional teams, and strong advocacy for security-centric decision-making.
  • Experience evaluating and implementing cutting-edge security technologies and tools suitable for healthcare environments, managing relationships with external vendors and partners.
  • Ability to develop and track key performance indicators (KPIs) to measure the effectiveness of security initiatives, with experience providing regular updates to the executive team.


About Us: Soleo Health is an innovative national provider of complex specialty pharmacy and infusion services, administered in the home or at alternate sites of care. Our goal is to attract and retain the best and brightest as our employees are our greatest asset. Experience the Soleo Health Difference! 


Soleo’s Core Values:

  • Improve patients’ lives every day 
  • Be passionate in everything you do 
  • Encourage unlimited ideas and creative thinking 
  • Make decisions as if you own the company 
  • Do the right thing 
  • Have fun! 

Soleo Health is committed to diversity, equity, and inclusion. We recognize that establishing and maintaining a diverse, equitable, and inclusive workplace is the foundation of business success and innovation. We are dedicated to hiring diverse talent and to ensuring that everyone is treated with respect and provided an equal opportunity to thrive. Our commitment to these values is evidenced by our diverse executive team, policies, and workplace culture.   


Soleo Health is an Equal Opportunity Employer, celebrating diversity and committed to creating an inclusive environment for all employees. Soleo Health does not discriminate in employment on the basis of race, color, religion, sex, pregnancy, gender identity, national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an organization, parental status, military service or other non-merit factor. 


Tags: CISO Compliance Computer Science Encryption Governance HIPAA HITRUST IDS Incident response Intrusion detection IPS IT infrastructure KPIs Privacy Risk assessment Risk management SIEM Strategy Vendor management

Perks/benefits: 401(k) matching Career development Health care Insurance Medical leave Parental leave Salary bonus Unlimited paid time off

Region: North America
Country: United States
