Information Security Manager

Chase passion. Pursue wellness. Be the best part of our customers’ day. These are some of the core values we hold at Widen, and why we’ve repeatedly been voted one of Madison's Best Places to Work since 2015.

Summary

The Information Security Manager is responsible for the Information Security Management System program across the organization including frameworks, measurement, audits, and compliance with both internal policies and external certification/attestation bodies. This position identifies, evaluates, and reports on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise. The Information Security Manager’s role is to act as an interface between the Executive team’s strategic direction and the work of the technology-focused analysts, engineers, and administrators across the organization.

Essential Duties

• Serve as ISMS Manager driving our ISO, HIPAA, and future compliance initiatives
• Perform an Annual Risk Assessment
• Maintain Data Classification framework
• Maintain Asset Inventory framework
• Serve as primary risk evaluator for the Vendor Management Program
• Provide direction and support as needed to Widen Security Analyst(s)
• Maintain and develop security policies that prepare us for our desired growth and inherent risks
• Act as lead for privacy concerns at Widen working in coordination with the contracted Virtual Data Privacy Officer
• Investigate reported vulnerabilities, assign risk based on findings, and drive remediation as appropriate
• Maintain internal vulnerability and penetration testing frameworks
• Audit AWS infrastructure for compliance and submit remediation findings to appropriate teams
• Implement a system for log analysis and security event management
• Maintain, audit, and drive remediation for configuration and patch management solutions and deficiencies
• Develop and maintain access policies and frameworks
• Evaluate security plans to ensure the integrity of new and/or existing business operations
• Translates and designs security requirements.
• In coordination with the Director of Technical Operations, present a quarterly State of Information Security report to the Executive committee
• Prioritize diversity, equity and inclusion in your every day work to create an environment of respect
• Work closely with the Director of Technical Operations to maintain the five-year security roadmap and bring that vision to realization.
• Assist with Information Security Policy communication and security awareness to business units.
• Hold membership on the ISMS Tactical Committee and ISMS Strategic Committee.
• Protect the confidentiality, integrity, and availability (CIA) of Widen and customer information held, in any form.
• Other duties as assigned

Essential Qualifications

• At least 5 years of relevant experience
• Excellent communication and collaboration skills
• Expert knowledge of Information Security Management System frameworks and paradigms
• Expert knowledge of at least one compliance attestation or certification: ISO 27001, HIPAA, SOC2, etc.
• Ability to translate security requirements into actionable business solutions
• Ability to interface with customers directly on topics of security and compliance
• Ability to learn and adapt to new technologies quickly and become productive in their use
• Strong knowledge of software development security principles, concepts, and best practices

Preferred Qualifications

• At least 8 years of relevant experience
• SSCP or CompTIA Security+ certification
• Understanding of AWS Identity Access Management or comparable cloud security controls

Widen offers an extensive benefits package, including medical, dental, vision, life, and disability insurance; 401(k) with company match; and PTO. Besides the competitive compensation and benefits package, Widen believes in a flexible work schedule, community involvement, parental leave, life-work balance, and the benefit of wellness.   Widen team members have the option to work remotely, from the Madison office, or a combination of both. This position can be performed from anywhere within the continental United States. Access to the Madison office and other amenities are available to all employees — no matter their chosen work setup or home location.   Visit www.widen.com to watch customer video interviews, learn more about the product offering, and understand our history of marketing technology innovation.   Widen is an equal opportunity employer and we prioritize diversity, equity, and inclusion in the workplace and throughout the hiring process. It is our goal to provide a high-performance work environment where employees are respected, included, and valued.