Vault Health is a digital healthcare company and a leading provider of at-home FDA-approved COVID testing in the United States. Our solution has been deployed to numerous local and state governments, airlines, universities, professional athletic teams, companies and organizations. To date, we've tested millions of people, providing accurate and timely information in the battle against COVID.
Founded in New York City in 2018, Vault Health specializes in Consumer Health, Population Health, and Clinical Trials. Our vision is to deliver seamless and modern healthcare experiences for diagnostics, treatment, and medical care - a digital experience that reduces the need for patients to have to set foot in a doctor’s office. Today, we need your help more than ever to battle the pandemic and build a next generation digital native healthcare company that will transform the world of healthcare.
About the Opportunity
- Architects, designs, implements, maintains and operates information system security controls and countermeasures; supervises and trains operators in the administration of these systems; documents the operation, use, and expected outputs of these systems.
- Analyzes and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and provides oversight to ensure compliance.
- Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and provides oversight to ensure compliance.
- Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends to IT or executive management.
- Oversees the response to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; engages, interacts and coordinates with third-party incident responders, including law enforcement.
- Oversees the administration of authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets.
- Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; oversees risk and compliance self-assessments, and engages and coordinates third-party risk and compliance assessments.
- Analyzes and oversees the development of information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information systems.
- Oversees the development and administration of information security training and awareness programs.
- Works closely with Engineering and DevSecOps to design best practice and implementation to Cloud Security
- 8 - 10 years years of experience in Information Security/Cyber Security with 3 years in Security Architect role
- 5-7 years experience designing and implementing security controls for single web architect
- Strong experience interacting with DevSecOps team members, working in agile, rapid CI/CD programs, and technologies including microservices, containerized deployments and multiple data sources and repositories
- AWS experience preferred, familiarity with ECS, EKS, Kubernetes is a bonus
- Extensive experience in SAAS
- Experience with HIPAA and SOC2, NIST is a plus
- Experience in Healthcare or other highly regulated industries
- Bachelors' Degree in Info Sec, Cyber Security or Comp Sci, master's degree preferred
- SANS certification- ISC2 certification highly desired
Vault Health is an equal opportunity employer. All applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, disability, or veteran status.