Vice President of Information Security
Evive was founded by two people who wanted to challenge the status quo...and did. Since 2007, that spirit has defined our culture. The work we do is redefining how people use their employee benefits, with SaaS-based services that help people to improve their lives and Fortune 1000 enterprises to optimize their benefits investments. We strive every day for the ideal of #benefitslove. Are you one of us?
The Vice President of Information Security is responsible for overall coordination and oversight of data security compliance, including providing guidance to employees, users, and service providers on their responsibilities pertaining to information security.
Responsibilities:
- Lead the development and publishing of up-to-date security policies, standards, and guidelines, and the company-wide training and dissemination of security policies and practices.
- Responsible for overall coordination and oversight of compliance with Business Associate Agreements and ensure that policies and procedures required by these agreements are developed and implemented in a timely manner.
- Ensure that security programs are in compliance with relevant laws, regulations, and policies to minimize or eliminate risk and audit findings.
- Provide leadership and guidance on the adherence to and implementation of Evive’s IT security policies and controls.
- Sign off on all Data Security Program-related policy and procedure documents.
- Maintain and apply current knowledge of applicable federal and state privacy laws and accreditation standards.
- Manage risk assessment and risk mitigation with respect to data security, including, but not limited to, the coordination of annual penetration testing, vulnerability assessments, and any remediation plans.
- Establish process-specific training for all staff who have access to sensitive information.
- Oversee, direct, and deliver (or ensure delivery) of privacy training and orientation to all employees.
- Provide answers/analyses to address questions and concerns from management.
- All other duties as assigned.
Qualifications:
- BA in computer science, data security, or related discipline.
- 10+ years of security information experience with success in leading a security discipline, preferably in a growth environment.
- CISM or CISSP
- Experience in security audits and inspections from Fortune 500 companies.
- Strong knowledge of information security principles, standards, practices, and technologies.
- Proven understanding of information security risk assessment and risk management procedures and methodologies.
- Ability to correlate enterprise risk with appropriate administrative, physical, and technical security controls.
- Proven record of delivering business critical projects within challenging time frames, multiple stakeholders groups and competing priorities.
- Strong ability to write, edit, and maintain policies to be used across the organization that ensure compliance with information security initiatives.
- Experience with contracting, writing, reviewing and executing agreements with clients and service providers to ensure that these agreements are in compliance with federal privacy laws and in compliance with information security policies.
Evive takes care of its teammates. Here are our current benefits:
- Competitive salaries with annual bonus pay
- Paid Time Off—both for vacation and volunteering
- Paid Sick Time
- Employer-paid medical insurance + subsidized vision, dental, and short-term disability insurance
- Voluntary life and AD&D insurance
- 401(k) with up to 2% company match
- Student loan assistance program
- Employee assistance program
- Pre-tax commuter benefit + convenient location (right off the CTA blue line and Union Station)
If you’re prepared to go big, go bold, and go beyond, you’re ready to go Evive.
Apply now!