Vice President, Business Information Security Officer


Company: Gainwell Technologies
Expected salary:
Location: California
Job opening: Vice President, Business Information Security Officer

Job description:

Summary

The BISO will combine leadership skills with security and compliance understanding, focus on security challenges in the current and future state of business operations, and prepare the accounts team with the right tools, skills, resources, relationships, and capabilities against increasing information security risk. This position will create the strategy and the execution plan for end-to-end security operations, compliance, stakeholder engagement, disaster recovery, and talent management. The BISO will be responsible for chairing a California Risk Council made up of representatives from all the in-force contracts in the State.

The leader should have healthcare domain knowledge, preferably Medicaid operations, and a background of working with State agencies in Security and Compliance areas. A strong technology and security background with an understanding of security and compliance frameworks (including best practices with respect to the protection of data), State healthcare agencies’ requirements (preferably CA), strong product architecture understanding, and managing customers and cross-functional teams. The leader will develop and implement security and compliance strategies to meet and exceed customer needs and comply with Gainwell’s security goals.

The leader will bring credibility and experience in building and evolving a high-performance security organization. This leader will have the emotional intelligence and persona to collaborate and work with diverse constituents, including senior clients, and communicate effectively with those diverse constituents. The leader will focus on increasing the security and compliance-related capabilities at optimal cost by leveraging the global workforce and industry optimal solutions. The leader will be at the forefront of managing the security and compliance-related conversations with the customers.

Your role in our mission
  • Operate as a thought leader to build strategy and execution plan for running security and compliance functions of multi-hundred-million-dollar technology and services operations for the State health departments.
  • Responsible for all aspects of end-to-end operations of security operations; this includes evaluating the security threats, both internal and external, across the IT infrastructure, devising policies and controls in alignment with customers’ policies and Gainwell internal security policies, and building and managing the teams to perform the security operations.
  • Responsible for all aspects of security compliance activities; this includes understanding customers’ compliance requirements, Gainwell’s internal compliance requirements, industry best practices, and legal and regulatory framework.
  • Responsible for all aspects of disaster recovery and business continuity planning and readiness activities; this includes cyber resilience and rapid recovery from security infringement, coordinating with the cross-functional teams on disaster recovery capabilities and exercises.
  • Responsible for documenting and publishing security policies around compliance, governance, risk management, incident management, HR management (internal access controls), contractual commitments and legal requirements.
  • Responsible for managing the customers’ security liaison through proactive engagement and communications. Managing the customers’ requirements of documentation around compliance and security operations.
  • Collaborate with the architect leadership team and contribute to technical projects to make security and compliance a core focus area in product development. Build the vision and guide the team to improve the security framework at Gainwell.
  • Collaborate with current and potential external partners to constantly evaluate partners’ security and compliance framework.
  • Evaluate employee and contractor behavior and organizational culture to enhance security and compliance resilience.
  • Manage the overall security and compliance budgets across the in-force contracts in the State and improve the ROI on security and compliance investment through automation, right solutions, workforce productivity, and right shoring. Coordinate the security and compliance practices across the in-force contracts in the State consistent with Gainwell’s corporate practices and standards.
What we’re looking for
  • 12-15 years of experience in account leadership roles such as information technology, delivery, or business process management.
  • Industry certifications in Information Security, such as CISSP, CISM, and CISA, and a minimum of fifteen years of experience in IT development, IT infrastructure, or security fields.
  • At least seven (7) years of previous account management experience in the healthcare industry. At least six years of experience as a CISO or senior security leadership position, managing all aspects of security and compliance strategic planning and operations.
  • Previous experience with a Medicaid Management System or major operations-related components of a Medicaid Management System or other large healthcare systems and ongoing relationship management with an extensive client.
  • A tenacious problem solver driven by the purpose of improving the overall security and compliance framework, operations (internal and external), and documentation of multi-hundred million dollar accounts.
  • Understanding of Medicaid/healthcare payor business and ecosystem. Understanding of the risk to the US healthcare system due to geo-political turbulence and economic motivations of bad actors.
  • Good understanding of technology infrastructure and at least one major cloud infrastructure. Good understanding of product and solution architecture methodologies, ability to guide architects and product managers on solution design from security, compliance, and disaster recovery perspective.
  • Good knowledge of information security standards, rules, and regulations related to information security and data confidentiality and other various security standards and policies.
  • Strong interpersonal and communication skills with the ability to influence at all levels of the organization while being able to simplify complex topics for understanding and critical decision-making by the account management teams.
  • Ability to improve Gainwell branding through customer engagement by managing all security and compliance deliverables by setting development standards, optimal reviews, and a quality assurance process.
  • Strong financial understanding to manage the overall cost of the account delivery. Understanding of different optimization levers and their implications for customer success and financial stability of the account.
What you should expect in this role
  • Must be located in the state of California.