Virtual Chief Information Security Officer – vCISO
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Virtual Chief Information Security Officer leading information security and compliance initiatives at a healthcare platform. Ensuring secure technology systems and serving as a strategic advisor to leadership.
Responsibilities:
- Own the strategy, design, implementation, and continuous improvement of Triplemoon's information security and compliance program.
- Ensure ongoing compliance with HIPAA and healthcare security best practices.
- Lead readiness efforts for future SOC 2 certification and other security frameworks as needed.
- Develop, maintain, and document security policies, procedures, and controls.
- Coordinate security incident response, investigation, remediation, and post-incident reviews.
- Support customer security questionnaires, audits, and compliance requests.
- Partner with leadership to identify, assess, and mitigate information security risks.
- Manage and oversee an IT MSP or MSSP who can implement security controls and compliance within SaaS vendors and IT systems.
- Provide tiered end-user support for hardware, software, and SaaS application issues.
- Provide device and asset management.
- Manage identity and access, including systems for onboarding and offboarding.
- Maintain system documentation, operating procedures, and technology standards.
- Recommend and implement improvements to strengthen security, scalability, and user experience.
- Conduct security reviews of third-party vendors and software platforms.
- Maintain required security documentation, including BAAs, DPAs, SOC reports, and related compliance artifacts.
- Monitor vendor compliance and support periodic risk assessments.
Requirements:
- 7+ years of experience in information security, IT administration, compliance, or related roles.
- Experience serving as a vCISO, security leader, or senior security consultant.
- Strong knowledge of HIPAA Security Rule requirements and healthcare security best practices.
- Experience preparing organizations for SOC 2 audits and other compliance frameworks.
- Experience supporting early-stage startups or high-growth healthcare organizations.
- Hands-on experience administering Google Workspace, identity management platforms, endpoint management tools, and SaaS environments.
- Familiarity with remote workforce security and cloud-first technology environments.
- Excellent documentation, communication, and stakeholder management skills.
- Ability to operate independently while serving as a strategic advisor to company leadership.
Benefits:
- Competitive, based on experience and scope
Similar Jobs
Information Systems Security Officer – Part-time
Information Systems Security Officer managing IT security and protecting sensitive information for federal clients. Leading risk management and compliance efforts while collaborating with various stakeholders.
Security & Compliance Engineer
Security & Compliance Engineer for ARGO-HYTOS Group. Ensuring information security and compliance in a global IT environment.
Senior Security Engineer
Senior Security Engineer focused on securing infrastructure through technology deployment and incident response for a digital asset protection at ARC-One Solutions.
Azure Solutions, Security Architect
Azure Solutions Architect leading security-focused Azure cloud solutions at Ascend Technologies. Designing scalable architectures, ensuring compliance, and mentoring teams in Agile environments.
Presales Security Expert – National Partners
Presales Security Expert supporting and enabling Fortinet's Canadian partners with solutions and technical improvements. Involving multi-team collaboration and direct partner engagement for effective results.
Senior Information Security Engineer
Senior Information Security Engineer responsible for implementing security solutions for enterprise environments. Collaborating with teams to enhance security architecture and manage stakeholder relationships.
Intern, Blue Team
Internship position in Cyber Security at It4us focusing on Blue Team operations and security analysis. Supporting various tasks involving Linux, development, and threat monitoring.
Security Engineer – Client Consulting
Threat Protection Security Engineer at Cyclotron deploying Microsoft Defender and Sentinel for enterprise organizations. Collaborating with security engineers to improve protection of Microsoft-based assets in cloud and on-premises environments.
Security Controls Assessor – OSCAL, Part Time
Security Controls Assessor conducting security compliance assessments and reports for U.S. Government and Commercial clients. Required experience with OSCAL and NIST guidelines.
Security Controls Assessor
Security Controls Assessor developing compliance frameworks for federal clients using NIST, RMF, and FISMA. Conducting assessments and creating security plans with a focus on continuous improvement.
Senior Security Engineer
Senior Security Engineer managing Microsoft 365 security stack for compliance and threat detection. Collaborating cross-functionally to enhance security controls and respond to incidents.
Mid-level Cybersecurity Engineer
Cybersecurity Engineer focusing on offensive security and penetration testing in a fully remote role. Requiring extensive experience in web applications and modern environments.
AI Engineer – Offensive Security
AI Engineer designing and building LLM-powered systems for offensive security work. Collaborating on agent architecture and integration of security tools in a remote setting.
Senior Strategic Account Manager, Data Center – Security
Strategic Account Manager for integrated security solutions at Johnson Controls. Focused on expanding relationships with contractors and driving revenue growth in security systems.
Network Security Architect, Cybersecurity Expert, Palo Alto certified
Senior Network Engineer specializing in Palo Alto security solutions for Kapres Technology. Working fully remote from Morocco with expertise in Fortinet and cybersecurity.
Security and Compliance Manager
Security and Compliance Manager overseeing compliance and assurance at Semaphore. Ensuring audit readiness and maintaining security processes within a remote-first software company.
Security Alignment Engineer
Security Alignment Engineer safeguarding clients' IT infrastructure at Onsite Logic. Conducting audits, providing technical support, and enhancing security posture for clients.
Network Security Engineer
Network Security Engineer focusing on architecture and engineering for network security with Zero Trust principles. Involves Zscaler environments, firewall management, and collaboration with architects and SOC teams.
Business Analyst Level 3, Security Coordinator
Business Analyst Level 3 - Security Coordinator for healthcare IT consulting firm. Responsible for overseeing security administration and user provisioning in a remote position.
Administrador de Sistemas Microsoft, Identidad, Seguridad
Administrador/a de Sistemas Microsoft especializado en seguridad e identidad para servicios remotos. Administración y soporte de entornos Microsoft en la nube, híbridos y locales.