SVP, Information Security

Louisville, KY

Waystar Health logo
Waystar Health
Apply now Apply later

Posted 1 month ago

Waystar modernizes healthcare payments through innovative, cloud-based technology. We provide the highest-rated client experience to more than 450,000 providers, 22,000 healthcare organizations and 750 health systems and hospitals around the country. Together, our technology, data and client support streamline workflows and improve financials for our clients, so that they can focus on their patients. We are deeply committed to living out our organizational values: honesty; kindness; passion; curiosity; fanatical focus; best work, always; making it happen; and joyful, optimistic and fun.
The SVP of Information Security is the strategic owner of all information security activities related to the availability, integrity and confidentiality of information in compliance with Waystar’s security policies.  You will work with stakeholders across different functions, including but not limited to Product, Engineering, IT, Internal Audit & Business Leadership and lead all aspects of application security, corporate security, security operations and engineering. You will develop, implement, maintain, and continually improve the strategic and risk-based Information Security and Data Privacy program, ensuring that team member, company and client information assets are protected.

Responsibilities

  • Implements and monitors a strategic, comprehensive enterprise-wide information security and IT risk management program
  • Provides direction and oversight for security tools and systems (IDS, IPS, VPN, WAF, DLP, Anti-Virus, Anti-Malware, honeypots, SEIM, Vulnerability Scanners, Web Proxies, Forensic toolkits, MFA, key management) in a heterogeneous computing environment that spans multiple physical and virtual data centers
  • Works across departments to facilitate cyber risk assessment and management processes to ensure consistent application of information security policies
  • Develops and enhances the information security management framework
  • Provide updates to ELT (and/or Board) as it relates to information security issues or concerns
  • Assists with the overall business technology planning, providing current knowledge and future vision of security awareness and systems
  • Serves as an internal consultant advising leadership on all information security questions, concerns and suggestions for current and future state
  • Directs the performance of risk assessments, vulnerability management, penetration testing and patch management for Unix/Linux, Mac, Windows systems and web applications
  • Works closely with engineering to proactively identify and fix security flaws and vulnerabilities
  • Other technology-related duties and assistance as required

Skills/Experience

  • Bachelor's degree or similar college level education in business, technology or related field
  • Hold a known industry security certification such as those from ISC2 or ISACA
  • 15+ years of relevant work experience including demonstrable ability to lead and coordinate critical programs and multi-functional efforts
  • Strong working knowledge and understanding of key concepts in Information Security, Risk Management, and Compliance, including application security, network security, and security operations
  • Understanding of corporate Governance, Risk, and Compliance functions
  • Familiarity with well-established security standards and frameworks such as ISO 27001, NIST SP 800-53, GDPR and HIPAA, HiTrust, SOX, and COBIT
  • Demonstrated ability to lead, mentor, grow and develop a team
  • Strong analytical writing skills and presentation skills
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
Waystar provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Job tags: CoBIT Compliance GDPR HIPAA HITRUST IDS IPS ISO 27001 Linux Malware Network security NIST Penetration testing Risk assessment Risk management Unix Vulnerabilities Vulnerability management Windows
Job region(s): North America
Job stats:  9  2  0
Share this job: