Skip to content
Head of Cybersecurity
| Company | Covera Health |
|---|
| Location | New York, NY, USA |
|---|
| Salary | $185000 – $225000 |
|---|
| Type | Full-Time |
|---|
| Degrees | Bachelor’s |
|---|
| Experience Level | Senior, Expert or higher |
|---|
Requirements
- 8+ years of experience in information security within the healthcare sector, with at least 3 years in a leadership role overseeing cybersecurity programs and initiatives.
- In-depth understanding of healthcare industry regulations and standards.
- Strong technical expertise in cybersecurity principles, technologies, and best practices, including network security, encryption, access controls, identity management, and security architecture.
- Demonstrated ability to identify, assess, and prioritize cybersecurity risks and develop effective risk mitigation strategies and controls.
- Proven leadership and communication skills, with the ability to effectively engage and influence stakeholders at all levels of the organization.
- Ability to think strategically and develop long-term security strategies aligned with business objectives and industry trends.
- Strong analytical and problem-solving skills, with the ability to analyze complex issues, identify root causes, and develop practical solutions.
- Experience working with Managed Service Providers.
- Bachelor’s degree in Computer Science, Information Security, or a related field. Advanced degrees and relevant professional certifications are a plus.
Responsibilities
- Develop and Implement Security Strategies: Design and implement comprehensive security strategies to protect our digital infrastructure, applications, and data assets.
- Ensure Regulatory Compliance: Stay abreast of healthcare industry regulations and standards (e.g., HIPAA, GDPR) and ensure compliance across all aspects of our operations.
- Risk Management: Identify, assess, and prioritize cybersecurity risks and develop mitigation plans to address vulnerabilities and threats.
- Security Architecture: Design and oversee the implementation of secure architecture for our digital platforms, including network security, encryption, access controls, and identity management.
- Incident Response and Crisis Management: Lead incident response efforts in the event of a cybersecurity breach or incident, including coordinating with internal teams and external stakeholders to mitigate the impact and ensure timely resolution.
- Security Awareness and Training: Develop and deliver security awareness programs and training initiatives to educate employees and stakeholders on cybersecurity best practices and procedures.
- Vendor and Third-Party Risk Management: Evaluate the security posture of third-party vendors and partners and ensure that appropriate security measures are in place to protect shared data and resources.
- Continuous Improvement: Drive a culture of continuous improvement by regularly assessing and enhancing our security posture through proactive measures, audits, and evaluations.
- Own Managed Service Provider strategy: Identify the need for MSPs to best support our infrastructure. Own relationships and outcomes.
Preferred Qualifications
- Advanced degrees and relevant professional certifications are a plus.
