Vp, Information Security Jobs

Description

About us

LifeMD is an emerging leader in technology driven healthcare. We’re applying our direct-to-consumer marketing expertise to make access to quality care and medication convenient, cost-effective, and simple. Our brands are intensely focused on our patients, constantly striving to deliver a better end-to-end healthcare experience through technology. Our mission is to improve the health and happiness of our patients through telehealth.

About The Role

LifeMD is seeking a highly experienced, strategic, and technically savvy VP of Information Security to lead LifeMD’s information security and risk management program. The VP of Information Security will be responsible for developing, implementing, and maintaining policies, systems, processes, and controls that ensure the confidentiality, integrity, and availability of our information assets, safeguard our data, systems, and networks from unauthorized access, theft, or damage, and ensure compliance with all applicable laws and regulations.

The successful candidate must be able to balance the needs of an intrinsically digital, fast-paced environment with the rigor required to ensure that the company's information assets and systems are adequately protected. This role will combine advanced mastery of information security, risk management, compliance, and governance frameworks, with a deep understanding of the latest threats, vulnerabilities, and trends in the industry. The role will report directly to the Chief Technology Officer, working in close collaboration with the Company’s Legal and Compliance department.

Responsibilities

• Organize, implement and complete information system security audits, tests, assessments, and evaluations as required by internal and external sources
• Ensure that disaster recovery and business continuity plans are in place and tested
• Develop and implement a strategic, long-term information security strategy and roadmap to ensure that Company's information assets are adequately protected in compliance with industry standards as well as applicable laws and regulations
• Oversee the evaluation, selection, and implementation of information security solutions that are innovative, cost-effective, and minimally disruptive
• Assist as necessary to investigate security breaches and pursue associated disciplinary and legal matters
• Provide a clear, concise, accurate and timely status report to the CTO and Executive Leadership as required on both strategic and tactical matters
• Monitor the industry and external environment for emerging threats and advise relevant stakeholders on appropriate course of actions
• Lead the development of and implementation of up-to-date information security policies, procedures, standards, and guidelines, and oversee their approval, dissemination, and maintenance
• Plan and perform necessary information security due diligence on potential business partners, associates, and other third parties
• Liaise with regulators and other advisory bodies as necessary to ensure that the organization maintains a strong security posture
• Establish a schedule for and support internal IT departmental readiness audits
• Develop business metrics to measure effectiveness of the security management program and increase the maturity of the program over time
• Serve as information security lead and Company’s primary point of contact for company-wide information security issues, reporting to the CTO and working in close collaboration with Compliance/Legal departments
• Ensure that the security management program follows applicable laws, government regulations, and contractual requirements such as those included in the Health Insurance Portability and Accountability Act (HIPAA), state insurance and privacy laws, and relevant cybersecurity industry standards
• Help ensure company security principles, standards, policies, guidelines, and frameworks are applied in a manner that is scalable, reliable, and secure in supporting the business
• Partner with enterprise architects, infrastructure, and applications teams to ensure that technologies are developed and maintained according to security policies and guidelines
• Act as a champion for the enterprise information security program and foster a security-aware culture
• Keep current on new developments in healthcare related industries and new technology in systems security and computer technology
• Identify, evaluate, and report on information security risks, practices, and projects to the CTO and Executive Leadership Team, and provide subject matter expertise on security standards and best practices
• Work with senior leaders across the business to assess and communicate acceptable levels of risk
• Define the Information Security Strategy and Plan for the company in collaboration with the Chief Technology Officer, Privacy Officer, and the Chief Compliance Officer

Requirements

• Advanced knowledge of hardware, software, telecommunications, operating systems, and applications
• Ability to prioritize tasks and work with multiple priorities, sometimes under limited time constraints
• Ability to see the organization in terms of critical and highly interrelated work processes
• Advanced knowledge of industry standard security frameworks
• Ability to lead and communicate in a crisis situation
• Project management skills, with the ability to manage a team to coordinate all planning and implementation activities in system security and/or business continuity fields
• Advanced knowledge of HIPAA security and privacy standards
• Excellent communication skills, including writing reports and preparing documents for internal/external publication and presenting to groups of individuals
• Strong analytical problem solving, and workflow management skills demonstrated in a variety of settings; ability to listen carefully to others’ ideas and points of view before deciding how to proceed
• Experience leading and implementing projects and working collaboratively with other departments

Benefits

• Retirement Plan (401k, IRA)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Short Term & Long Term Disability
• Training & Development
• Health Care Plan (Medical, Dental & Vision)