Senior Information Security Officer

Summary

As the Senior Information Security Officer (ISO), you will be accountable for all security-related compliance and delivery for the customer(s) assigned. In a typical engagement, you operate as a trusted advisor and security partner in the organization, working with senior management and focusing specifically on health care industry regulated security requirements and environments in relation to client business objectives. The Senior ISL helps interpret and explain operational issues and plans next steps from an information security viewpoint. This requires the ability to interact and influence at an executive management level within client organizations such as C-level IT leadership and IT Security leads. You will be able to demonstrate industry expertise and your working knowledge of security governance and compliance. Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the National Institute of Standards and Technology (NIST) 800-53 framework are the standard security frameworks that the Senior ISL will be reviewing, maintaining, and helping to assess on each designated account or health care product within Gainwell Technologies and its partners.

Your role in our mission

Compliance, operationally focused and security driven

Lead Security operational governance activities

Ensuring delivery excellence in security tooling and business operations (Ensuring avoidance of non-performance / non-compliance leading to contractual penalties).

Relationship management with Gainwell Technologies suppliers and the client.

Create and maintain an account security plan for the selected account(s) and Products

Manage and report security incidents from start to finish

Manage audit preparation, facilitation and remediation

Manage security risks and exceptions

Ensure knowledge and implementation of security fundamentals, policies, and standards (regulatory and contractual)

Escalate and resolve security issues

Coordinate delivery of security metrics and reporting in support of contractual commitment

What we're looking for

At least 5 years’ experience working in a risk management, audit, security, or technical delivery role

Bachelor or Master’s degree in Computer Science, Computer Studies, Information Security (or equivalent combination of education and experience)

Experience with and understanding of the security and auditing regulations

Experience with audit and compliance programs, including leading audits and remediation efforts

Experience with HIPAA, NIST, and FedRAMP

Excellent and effective communication skills

Ability to work effectively in diverse, multi-national and virtual environments

Self-motivated and tenacious

Demonstrate sound judgment and integrity

Ability to influence delivery personnel in the execution of security and compliance requirements

Experience as a Security consultant, architect and/or engineer

Experience in working with security management including information governance and compliance

Deep understanding and working knowledge of information security industry best practices with hands on experience

Experience of security processes and standards, in particular NIST 800-53 and/or ISO27001

Knowledge of security audit and accreditation processes

Ability to adapt to new security regimes.

CISSP certification, CISM/CISA or CRISC a plus

What you should expect in this role

Remote position (US only)

Opportunities to travel through your work (0-10%)

Video cameras must be used during all interviews, as well as during the initial week of orientation

The deadline to submit applications for this posting is 3/30/2026

The pay range for this position is [[salaryMin]] - [[salaryMid]] per year, however, the base pay offered may vary depending on geographic region, internal equity, job-related knowledge, skills, and experience among other factors. Put your passion to work at Gainwell. You’ll have the opportunity to grow your career in a company that values work flexibility, learning, and career development. All salaried, full-time candidates are eligible for our generous, flexible vacation policy, a , and educational assistance. We also have a variety of leadership and technical development academies to help build your skills and capabilities.