• Lead a team of 5 direct reports with a matrix organization of 35-40 globally diverse associates
• Responsible for growing the organization that is growing in 2024
• Develop and implement a strategic, long-term information security strategy and roadmap to ensure that Availity’s information assets, and those of its customers under management at Availity, are adequately protected
• Work with senior leaders across the business to assess and communicate acceptable levels of risk
• Identify, evaluate and report on information security risks, practices and projects to the Executive Committee and the Board of Directors , and provide subject matter expertise on security standards and best practices e.g. FFIEC, Dodd-Frank, SOX, PCI, etc.
• Develop, mentor, and manage a high performing staff of information security professionals
• Develop the Board’s understanding of security beyond a ‘compliance-only’ view
• Lead the development of up-to-date information security policies, procedures, standards and guidelines, and oversee their approval, dissemination, and maintenance
• Ensure that the security management program is compliant with applicable laws, regulations, and contractual requirements
• Act as the champion for the enterprise information security program and foster a security-aware culture
• Oversee the evaluation, selection and implementation of information security solutions that are innovative, cost-effective, and minimally disruptive
• Partner with enterprise architects, infrastructure, and applications teams to ensure that technologies are developed and maintained according to security policies and guidelines
• Manage regular intrusion detection and vulnerability reporting, internal and external IT audit groups reviews, and the coordination of all required fixes
• Develop business metrics to measure the effectiveness of the security management program, and increase the maturity of the program over time
• Monitor the industry and external environment for emerging threats and advise relevant stakeholders on appropriate courses of action.
• Liaise with law enforcement and other advisory bodies as necessary to ensure that the organization maintains a strong security posture
• Oversee incident response planning and the investigation of security breaches, and assist with any associated disciplinary, public relations and legal matters
• Oversee and lead the creation, communication and implementation of a process for managing vendor risk and other third-party risk
• Lead due diligence and post integration activities related to information security for all M&A activity

Requirements:

• Bachelor's Degree in computer science, engineering, or a related field; (graduate degree preferred).
• 10+ years of IT and/or business leadership experience
• 5+ years of information security/cybersecurity experience
• Proven experience delivering quality solutions in a SaaS environment
• Understanding of Cloud, SaaS, and IoT architectures, and their implications on information security strategy, with previous experience in creating appropriately secure operating environments in the Cloud
• Proven experience leading globally diverse teams and working closely with C-suite executives
• A proven track record in developing information security policies and procedures, and successful execution
• Extensive knowledge of business risk, risk assessment and risk-based decision making
• Able to communicate security and risk-related concepts to both technical and non-technical audiences (in business terms), including board level
• Proven ability to address and present information to a Board of Directors and/or Executive leadership team
• A natural influencer and coalition builder; passionate about building high performing teams
• Ability to inspire and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals; an innovative leader, problem solver and consultant
• Ability to evangelize IT security to make it a critical part of business operations; build trust and respect for the security function
• Excellent written and verbal communication, interpersonal and collaborative skills
• Experienced with contract and vendor negotiations
• Experienced in incident and crisis management with the ability to effectively prioritize and execute tasks in high-pressure situations
• Knowledge of security, risk and control frameworks and standards such as HITRUST, ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO and ITIL
• Technical acumen including but not limited to: OSI, IT infrastructure, Cloud, application development languages, tools and frameworks, database technologies, web technologies, next gen mobile, network architecture, enterprise architecture, and directory services
• Security technology acumen and experience including but not limited to: firewall, intrusion detection, cyber-attack tools and defenses, encryption, certificate authority, web filtering, anti-malware, anti-phishing, identity and access management, multi factor authentication
• Professional certifications, such as a CISSP, CISM, CISA
• Ability to travel 10-15%

Preferred:

• Medical industry experience including payer and provider spaces
• Experience consulting with Big Four firms
• Master of Business Administration degree

• Sponsorship, in any form, is not available for this position.
• Location: Remote US
• Why work on this team:
• Lead in a high-profile role that interacts regularly with the Availity’s Board of Directors and C-suite executives
• Maintain and grow a world-class information security function at an organization operating the nation’s largest healthcare network connecting 2 million providers to every health plan in the US and processes over 13 billion transactions annually
• Join a forward-thinking team of technology leaders who work together toward the common goal of bettering the overall healthcare system, including collectively navigating an on-prem to cloud migration and leveraging AI and Machine Learning in our SaaS offerings
• Availity culture and benefits:
• Availity is a certified “Great Place to Work”, a “Best Workplaces for Technology Companies”, a “Best Workplaces for Women” and a “Best Workplaces for Millennials”!
• Culture is important to us and there are many ways for you to make your mark here!
• We have several Diversity & Inclusion teams and various ways to engage with fellow Availity associates. “Availadies”, “Beyond Black”, “HOLA”, “Availity Pride”, “VetAvaility” a Young Professionals Group and “She Can Code IT” a group for women in tech are some of the groups you can get involved in.
• Availity is a culture of continuous learning. We have many resources and experts in our tech stack and in our industry that can help get you there too!
• We offer a competitive salary, bonus structure, generous HSA company contribution, healthcare, vision, dental benefits and a 401k match program that you can take advantage of on day one!
• We offer unlimited PTO for salaried associates + 9 paid holidays. Hourly associates start at 19 days of PTO and go up from there with all the same holiday benefits.
• Interested in wellness? We allow our associates to reimburse up to $250/year for gym memberships, participation in racing events, weight management programs, etc.
• Interested in furthering your education? We offer education reimbursement!
• Availity offers Paid Parental Leave for both moms and dads, both birth parents and adoptive parents.
• Want to work for an organization that gives back to the community? You’re at the right place! Availity partners with various organizations, both locally and nationally, to raise awareness, funds and morale as our staff members volunteer their time and funds to engage the organizations campaign.
• Next steps in process: After you apply, you will receive text/email messages thanking you for applying and then you will continue to receive more text/email messages alerting you as to where you are in the recruitment process.
• Interview process:
• Recruiter resume review
• Manager resume review
• Recruiter video interview
• CISO video interview
• Executive leadership video interviews (4)
• Final CISO video interview
• Availity is an equal opportunity employer and makes decisions in employment matters without regard to race, religious creed, color, age, sex, sexual orientation, gender identity, gender expression, genetic information, national origin, religion, marital status, medical condition, disability, military service, pregnancy, childbirth and related medical conditions, or any other classification protected by federal, state, and local laws and ordinances.
• Availity is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.
• NOTICE: Federal law requires all employers to verify the identity and employment eligibility of all persons hired to work in the United States. When required by state law or federal regulation, Availity uses I-9, Employment Eligibility Verification in conjunction with E-Verify to determine employment eligibility. Learn more about E-Verify at http://www.dhs.gov/e-verify.