Chief Information Security Officer

Join Aya Healthcare, winner of multiple Top Workplace awards! 

Aya Healthcare is seeking a seasoned Chief Information Security Officer (CISO) to join our executive team. The CISO will be instrumental in determining security priorities that align with our business objectives, focusing on information, data, infrastructure, and endpoint security. This role demands a visionary leader with a robust understanding of security policy, governance, and compliance frameworks. 

Who We Are: 

We’re a $10+ billion, rapidly growing workforce solutions provider in the healthcare industry. We deliver tech-enabled services that help healthcare organizations meet and manage their contingent labor needs. We build and manage tech-enabled marketplaces for national and local healthcare talent and deliver contingent labor management solutions through our proprietary software platform.  

At Aya, we’re obsessed with creating exceptional experiences for our clients, clinicians, and employees. In fact, we put employee satisfaction above all else. Our team members are responsible for incomparable customer experience and we know that happy employees are critical to maintaining happy clients. We foster an entrepreneurial, high-energy, low-bureaucracy culture and value innovative thinking and creative problem solving. We embrace diversity in thought and backgrounds unified by a commitment to high achievement. When you join Aya, you’ll be surrounded by teammates who care about you as an individual and leaders who will help you grow both personally and professionally. 

Responsibilities: 

• Strategic Security Management: Improve, develop, and execute the organization's information security strategy, aligning with business objectives and regulatory needs. Ensure the protection of information, data, and infrastructure assets while ensuring continuity of operations. 
• Policy and Control Development: Lead the development and implementation of comprehensive security policies, procedures, and controls to safeguard sensitive information assets. 
• Incident Management: Oversee the management of security incidents, including response, investigation, and resolution processes to minimize the impact of security breaches. 
• Team Leadership and Oversight: Provide guidance and oversight to the IT security team, fostering a culture of accountability, collaboration, and continuous improvement. 
• Cross-functional Collaboration: Collaborate with cross-functional teams to integrate security best practices into business processes and the systems development lifecycle. 
• Risk and Compliance: Conduct regular risk assessments and security audits, identify vulnerabilities, and recommend remediation measures. Ensure compliance with legal, regulatory, and policy requirements to minimize or eliminate fines and damages. 
• Stakeholder Liaison: Serve as the primary liaison with internal and external stakeholders on security-related matters, negotiating and managing contracts with security service providers. 
• Industry Awareness: Stay updated on modern and emerging threats and trends in information security, advising the security team and senior leadership on risk mitigation strategies. 

Required Qualifications:

• Bachelor’s degree in Computer Science, Information Systems, or a related field; Advanced degree highly preferred. 
• Certified Information Systems Security Professional (CISSP) or equivalent certification required. 
• At least 10 years of experience in information security management, with 3+ years in a senior leadership role. Experience as a CISO or equivalent in a large organization (preferably with a minimum of 6,000 employees, both nationally and internationally, and a 600+ person technology organization). 
• Strong project management experience in a matrixed, Agile environment
• Extensive knowledge of security protocols, cryptography, authentication, authorization, and security. 
• Strong familiarity with frameworks like CIS, NIST, SOC, PCI-DSS, ISO 27001, and others. 
• Excellent leadership, interpersonal, and communication skills. Proven ability to lead people and processes and to develop and execute strategic initiatives. 
• Ability to engage with stakeholders and foster an environment of collaborative problem-solving. 
• Excellent problem-solving skills, with the ability to analyze complex, multivariate problems and use a systematic approach to gain quick resolution. 
• Strong organizational and leadership skills with ability to listen to multiple points of view and synthesize against goals for recommendations. 

What We Offer: 

• Free premium medical, dental, life and vision insurance 
• Generous 401(k) match 
• Aya also offers other benefits to those that are eligible and where required by applicable law, including reimbursements and discretionary bonuses 
• Aya provides paid sick leave in accordance with all applicable state, federal, and local laws. Aya’s general sick leave policy is that employees accrue one hour of paid sick leave for every 30 hours worked. However, to the extent any provisions of the statement above conflict with any applicable paid sick leave laws, the applicable paid sick leave laws are controlling 
• Celebrations! We hit our goals and reward ourselves.  
• Company-sponsored virtual events, happy hours and team-building activities are always on the horizon — plus, you get a special treat on your birthday! 
• Unlimited DTO — we believe in time off!  
• Virtual yoga, meditation or boot camp classes offered daily 

Compensation: Aya reasonably anticipates the pay scale for this position to be an annual salary of $250,000 to $300,000. 

The pay scale for this position may vary if applicant possesses experience outside of what Aya reasonably anticipates for this position. Bonuses are subject to the role and your manager’s discretion. 

Aya is an Equal Opportunity Employer (EEO), including Disability / Vets, and welcomes all to apply. Please click here for our EEO policy