
Information Security Manager
Posted 6 days ago

This is a fully remote position, open to applicants in the United States.
• Accountable for guiding a team of security analysts to safeguard enterprise systems and Protected Health Information (PHI), ensuring adherence to HITRUST, HIPAA, SOC 2, and related regulatory frameworks while enhancing detection, response, and governance capabilities.
• Oversee the daily management of security operations and ongoing compliance monitoring.
• Promote cybersecurity maturity through the continuous enhancement of controls.
• Regularly assess and manage the organization's cyber and technology risk posture.
• Direct Marathon Health’s internal and outsourced security teams in executing the strategic roadmap established by our Chief Information Security Officer (CISO).
• Supervise the security team's response to incidents and breaches.
• Manage the completion process for security assessments related to prospects, clients, and third parties.
• Identify and address vulnerabilities.
• Maintain and enhance SOC 2/HITRUST CSF certification; ensure the operationalization of security control ownership, evidence collection, and audit readiness across all relevant domains.
• Bachelor’s degree in computer science, information systems, cybersecurity, or a related field.
• At least 2 years of experience in people leadership within security, including acting as the final decision-maker for hiring, development, and performance management, or an equivalent combination of education and experience.
• Background in healthcare technology, health systems, or digital health, with a solid understanding of HIPAA, PHI governance, and clinical system dependencies.
• Experience in owning or co-owning HITRUST CSF certification (or a comparable compliance framework such as SOC 2, ISO 27001).
• HITRUST Certified Common Security Framework Practitioner (CCSFP) or an equivalent HITRUST training certification.
• One or more professional security certifications: CISSP, CISM, or CISA.
• AWS Security Specialty or an equivalent cloud security certification.
• CRISC (Certified in Risk and Information Systems Control).
• AI governance or responsible AI certifications (e.g., ISACA AI Audit certificate, Certified AI Governance Professional).
• Travel requirements of up to 15% for team meetings, clinic visits, and audit support.
• Comprehensive Health & Wellness Benefits: Choice of 2 medical plans, 2 dental plans, and vision coverage; unlimited free mental health benefits and EAP resources; rewards for challenges and healthy lifestyle activities.
• Family Friendly & Reproductive Health Benefits: Family-building and hormonal health benefits and paid parental leave.
• Time-Based Benefits: Generous PTO or FTO, Paid Holidays + A Day for What Matters.
• Financial Support: Company-paid Basic Life and Disability insurance, Supplemental Life, Spending Accounts, 401(k) with employer match and graded vesting.
• Continuing Medical Education (CME) to maintain and enhance the knowledge, skills, and expertise of our health center teammates, as applicable.