MacroHealth

Manager, Information Security

MacroHealth Kirkland, WA


Position Summary



The Manager of Information Security is a critical leadership role responsible for establishing and scaling our security operations capabilities to protect our healthcare SaaS platform, customer data (PHI/PII), and corporate infrastructure.

This role will lead the design and implementation of our 24/7 Security Operations Center strategy through managed security service provider (MSSP) partnership, expand our vulnerability management program beyond production to encompass all corporate assets, and establish the security architecture standards that will support our rapid growth.

As our security operations leader, you'll bridge strategic planning with hands-on technical execution. You'll own the MSSP vendor selection, contract negotiation, and ongoing relationship management while serving as escalation point for security incidents. You'll develop incident management plans and help the team practice them regularly. You'll define security requirements for cloud environments, establish data classification processes, and ensure our security controls meet SOC2, HIPAA, and other compliance requirements. This role requires someone who can architect solutions including forward-looking metrics to track efficacy, roll up their sleeves to implement the solutions, and report out with a high degree of autonomy.

Key Relationships

Reports To: Director of IT & Security

Key Internal Partners:

  • DevOps & Engineering
  • GRC Team
  • IT Engineering
  • IT Operations
  • Legal & Privacy
  • Executive Leadership

Key Accountabilities

Security Operations Center (SOC) Strategy & MSSP Management

  • Lead vendor selection process for 24/7 MSSP partnership, including RFP development, vendor evaluation, and contract negotiation
  • Own ongoing MSSP relationship including performance management, escalations, SLA tracking, and quarterly business reviews
  • Define monitoring requirements, use cases, and alert logic from our systems to the MSSP to the responsible parties inside MacroHealth
  • Partner with DevOps and IT teams to ensure relevant logs are consistently delivered to our SIEM and MSSP monitoring platform
  • Establish incident escalation procedures and coordinate incident response activities
  • Tune detection rules and reduce false positives through continuous optimization

Vulnerability Management Program

  • Expand vulnerability management program from production-only to comprehensive corporate asset coverage
  • Own and optimize Nessus vulnerability scanning platform, including deployment to corporate networks and endpoints
  • Establish vulnerability assessment procedures, remediation SLAs by severity, and tracking mechanisms
  • Partner with IT Operations, DevOps, and Engineering teams on remediation prioritization and execution
  • Establish vulnerability management metrics and executive reporting on risk posture

Security Architecture & Engineering

  • Define security requirements and standards for cloud environments (AWS/Azure) in partnership with DevOps and Engineering
  • Work with DevOps to define SAST/DAST requirements and monitor for adherence; establish "Secure by Design" principles
  • Design and implement data classification framework to support DLP, compliance, and data governance
  • Lead deployment of DSPM, DLP, and data governance workflows
  • Architect endpoint security solutions including EDR/XDR capabilities
  • Define logging and monitoring requirements for production, pre-production, and corporate environments
  • Partner with IT Operations on identity security, SSO/MFA implementation, and privileged identity management

Incident Response & Security Operations

  • Develop and maintain security incident response playbooks and procedures
  • Coordinate cross-functional incident response efforts involving IT, Engineering, DevOps, Legal, and executive leadership
  • Lead tabletop exercises and incident response simulations to test preparedness
  • Conduct post-incident reviews and implement lessons learned

Compliance & Risk Management

  • Own all security-related SOC2 controls including evidence collection, testing, and audit liaison
  • Ensure security controls meet requirements for HIPAA (Business Associate), CCPA, PIPA, and other applicable regulations
  • Partner with GRC team on security risk assessments and risk treatment planning
  • Maintain audit-ready documentation for security configurations, controls, and procedures
  • Support annual SOC2 audits and address security-related findings

Security Program Development

  • Develop and maintain multi-year security roadmap aligned to business growth and risk landscape
  • Establish security awareness training program in partnership with HR and GRC
  • Identify opportunities for security automation and tool consolidation

Knowledge, Skills and Abilities

Technical Expertise

  • Deep knowledge of security operations center (SOC) capabilities, SIEM platforms, and security monitoring
  • Hands-on experience with vulnerability management tools (Nessus, Qualys, Rapid7, or similar)
  • Strong understanding of cloud security architectures (AWS and/or Azure) and cloud-native security controls
  • Experience with endpoint detection and response (EDR/XDR) platforms
  • Working knowledge of data loss prevention (DLP) technologies and data classification frameworks
  • Knowledge of identity and access management, SSO, MFA, and privileged access management

Incident Response & Threat Management

  • Proven experience leading security incident investigations and coordinating response efforts
  • Knowledge of common attack vectors, TTPs, and MITRE ATT&CK framework
  • Experience conducting root cause analysis and implementing remediation strategies
  • Ability to analyze security events, correlate indicators, and identify true threats

Compliance & Risk Management

  • Deep understanding of SOC2 requirements and security control frameworks
  • Knowledge of HIPAA Security Rule and PHI/PII protection requirements
  • Familiarity with ISO 27001, NIST CSF, and other information security frameworks
  • Ability to translate compliance requirements into technical security controls

Communication & Leadership

  • Excellent communication skills with ability to explain security risks to non-technical audiences
  • Strong presentation skills for executive leadership and board-level reporting
  • Ability to influence without direct authority and build consensus across teams
  • Experience managing vendor relationships and negotiating service level agreements

Required Education and Experience

  • 5+ years of progressive experience in information security, security operations, or security engineering roles
  • 3+ years of hands-on experience with SIEM platforms (Splunk, Sentinel, Chronicle, or similar)
  • 2+ years of experience managing vulnerability management programs
  • Demonstrated experience with SOC operations, security monitoring, and incident response
  • Experience supporting SOC2, ISO 27001, or similar compliance frameworks
  • Proven track record managing vendor relationships and service providers

Preferred Education and Experience

  • Bachelor's degree in Information Security, Computer Science, Information Systems, or related field
  • CISSP (Certified Information Systems Security Professional) or similar security certification
  • GIAC certifications (GCIH, GCIA, GMON, or similar)
  • AWS Certified Security Specialty or Azure Security Engineer certification
  • Experience implementing and managing MSSP or SOC-as-a-Service partnerships
  • Experience with Microsoft Purview, Azure Information Protection, or similar DLP and DSPM platforms
  • Background in both security operations and security architecture roles
  • Experience scaling security programs in high-growth companies

Core Competencies:

One Team:

  • Act as one team with fellow MacroMates and customers
  • Value humility, low ego, and collaboration
  • Maintain an All for One, One for All attitude

Deliver on Promises:

  • Do the right thing
  • Do what you say you will do
  • Work with a sense of urgency and transparency

Macro Thinking:

  • Challenge yourself and others to think boldly, bigger, and into the future
  • Lead with a Growth Mindset
  • Act as a thought leader for the healthcare industry

  • Seniority level

    Mid-Senior level
  • Employment type

    Full-time
  • Job function

    Information Technology
  • Industries

    Software Development
