You Belong at Greenway
Bring your best and truest self. We celebrate what makes us different and what brings us all together. At Greenway Health, we are committed to an inclusive environment and a culture of belonging as we pursue our purpose of healthier communities, successful providers, and empowered patients. We are united in our goal to build the future of healthcare technology. Join us.
The Director, Cloud Security will report directly to the Chief Information Security Officer and is responsible for developing, implementing, and maintaining Greenway Health’s cloud security, application security, and identity and access management architectures. This will include working closely with the Product and Technology organization to identify and implement the needed security controls for our public and private cloud infrastructure. They will also be responsible for creating an enterprise identity and access management architecture for Greenway associates, products, and services. Deep technical knowledge of DevSecOps and a good understanding of software development lifecycles are a must. In addition, deep technical knowledge of identity management, which includes zero trust, FIDO2, and other identity concepts, is required. The ideal candidate will have experience deploying solutions in a public cloud environment, a working knowledge of multiple programming languages, and a deep understanding of information security concepts. Experience with NIST 800-53 and the HITRUST framework is a definite plus.
Essential Duties & Responsibilities
- Serves in a leadership role responsible for assessing and evaluating security risk compliance, security standards, and secure communications across multiple locations.
- Serves as a member of the IT leadership team that initiates, facilitates, and promotes activities to foster information security awareness within the organization.
- Provides leadership, direction, and guidance in assessing and evaluating information security risks and trends, monitors evolving threats, risks, and vulnerabilities, and ensures compliance with security standards and appropriate policies.
- Remediates and applies tools necessary to mitigate risk.
- Conducts regular reviews and feedback regarding the security roadmap to ensure that it meets regulatory compliance standards, current security protocols, and other standards and methodologies including, but not limited to, HIPAA security, HITRUST, NIST CSF, 42 CFR, and any additional applicable security and privacy laws.
- Collaborates with various stakeholders to proactively develop, communicate, and implement annual and long-range security and compliance goals; define security strategies, metrics, reporting mechanisms, and program services; and create maturity models and roadmaps for continual program improvements
- Maximizes the effectiveness of installed security systems and cloud-based infrastructure and leads the assessment, evaluation, and implementation of new technologies and enterprise security processes as appropriate.
- Sets and reviews KPIs in all key functional areas relevant to the organization’s security practices and roadmap.
- Implements and oversees the effective management of technical and administrative controls and provides leadership of cross-functional response teams (e.g., Security, IT, Legal, Compliance) to investigate and remediate security incidents.
- Coordinates and tracks all IT and security-related audits, including the scope of audits, units involved, timelines, auditing agencies, and outcomes. Works with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the organization in its best light. Provides guidance, evaluation, and advocacy on audit responses.
- Provides experience and expertise in developing and executing risk-driven information security programs to meet business objectives in a landscape of rapidly evolving consumer expectations, market conditions, regulatory requirements, and threat factors.
- Works with executive management to devise proper resourcing and budget needs.
- Manage multiple technical projects simultaneously across various platforms and groups.
- Handle escalations from support to the Cloud team.
- Constantly seek opportunities to streamline existing processes by introducing automation, tools, or infrastructure to scale the business.
- Manage vendor relationships for managed services and other 3rd party providers.
- Provide cross-platform feedback into development on hosting improvements.
- Design and implement methods that consolidate and optimize operations across the platforms.
- Identify needs across the organization to build reusable platforms
Experience and Education
- High school diploma/GED
- Bachelor’s degree in cyber security, computer science, or related field; or an equivalent combination of education and/or experience.
- Ten (10) + years of software development and information security experience required.
- Five (5) + years of public cloud experience required.
- Certified Information System Security Professional (CISSP) required
- HITRUST and Certified Cloud Security Professional (CCSP) or comparable certification preferred.
- Proven track record in the information security or technology space in highly regulated environments; a background in healthcare IT is a plus.
Skills, Knowledge, and Abilities
- Expertise in information security, technology, and risk management is essential.
- Business and financial acumen to include budgeting and forecasting.
- Ability to build solid business plans which include appropriate ROI and related business analysis and justification.
- Is a strategic and tactical thought leader, a consensus builder, and an integrator of people and processes.
- Outstanding verbal and written presentation skills are essential in this position.
- Ability to get “hands-on” and act as a utility player on the team.
- Naturally curious, learning leader.
- Demonstrates initiative and adds value to the role and the team.
- Demonstrates ability to achieve functional transformation, change management, and collaboration across multiple organizational levels.
- Ability to prioritize tasks with competing urgency.
- Knowledge and understanding of regulatory requirements related to healthcare IT.
- Ability to take a proactive and collaborative approach to security and develop a security and quality culture within Greenway Health.
- Adept at creating and communicating a clear vision throughout the team to align resources to achieve functional area goals.
- Ability to travel up to 20%
Work Environment/Physical Demands
- While at work, this position is primarily a sedentary job and requires that the associate can work in an environment where they will consistently be seated for the majority of the work day.
- This role requires that one can sit and regularly type on a keyboard for the majority of their work day.
- This position requires the ability to observe a computer screen for long periods of time to observe their own and others’ work, as well as incoming and outgoing communications via the computer and/or mobile devices.
- The role necessitates the ability to listen and speak clearly to customers and other associates.
- The work environment is an open room with other associates and noise from others will be part of the regular work day.
- This position requires up to 20% travel.
Here’s what we can offer you in exchange for your amazing work:
- Competitive pay
- Medical, dental and vision benefits
- Matching 401(k)
- Generous paid time-off programs
- Education reimbursement
- Growth potential for your career
- Corporate discounts
At Greenway, we strive to imagine, empower, engage, and inspire. Join us!
To learn more about Greenway, take a video tour of our office, and meet our employees, visit us at www.GreenwayHealth.com/careers.
Disclaimer: This Job Summary indicates the general nature and level of work expected of the incumbent(s). It is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities required of the incumbent. Incumbent(s) may be asked to perform other duties as requested. Greenway Health, LLC is an Equal Opportunity Employer. We do not discriminate on the basis of race, religion, age, gender, national origin, sexual orientation, disability, or veteran status.
If you are a Colorado resident, please email us at recruiting@greenwayhealth.com to receive compensation and benefits information for this role. Please include the Job ID in the subject line of the email.
Last updated on Oct 18, 2024