Apply on Employer Site

bswift · 14 hours ago

Senior Manager, Information Security

United States

Full-time

Remote

Senior Level, Lead/Staff

8+ years exp

bswift is a leading benefits administration company that specializes in providing tailored solutions for clients. The Senior Information Security Manager plays a critical leadership role in protecting sensitive healthcare data and enabling trust in a cloud‑based SaaS platform.

Health CareInformation TechnologySoftware

Responsibilities

Lead execution of the enterprise information security program aligned with business objectives, regulatory requirements, and risk tolerance

Translate security strategy into prioritized roadmaps, operational plans, and measurable outcomes

Maintain and evolve security policies, standards, and procedures for a healthcare SaaS environment

Act as a trusted security advisor to Product, Engineering, IT, and Customer Operations

Ensure strong safeguards for PII and PHI throughout the benefits lifecycle

Support customer security due diligence (questionnaires, audits, BAAs)

Partner with Legal and Privacy on risk assessments and regulatory‑appropriate incident handling

Own or support compliance with HIPAA/HITECH, HITRUST CSF, and SOC 2 Type II

Oversee threat detection/response, vulnerability management, IAM, endpoint security, and incident response processes

Lead or coordinate security incident response, including containment, communication, and executive updates

Drive continuous improvement through post‑incident reviews and control enhancements

Partner with Engineering and Infrastructure teams to secure AWS and/or Azure environments, CI/CD pipelines, and SaaS architecture

Ensure security is embedded into SDLC, cloud design, configuration management, and change management

Promote secure‑by‑design and defense‑in‑depth principles

Manage MSSPs/MDRs supporting day‑to‑day security operations

Lead RFPs, vendor evaluations, contract negotiations, and renewals

Oversee third‑party risk for vendors accessing sensitive benefits data

Define and track security KPIs, KRIs, and control maturity measures

Provide concise, meaningful reporting to the CISO and executive leadership

Communicate risks and recommendations in business‑focused language

Build, mentor, and develop a high‑performing security team

Foster a culture of accountability, collaboration, and continuous improvement

Lead security awareness and training programs

Champion a security‑first mindset that supports innovation

Qualification

Information Security LeadershipHealthcare Data RegulationsCloud Security (AWS/Azure)Incident Response ManagementSaaS Security ProgramsVendor Risk ManagementProject ManagementSecurity Awareness TrainingCommunication SkillsTeam LeadershipCollaboration Skills

Required

8+ years of information security experience, including 3+ years in leadership or people management

Experience operating security programs in SaaS, benefits administration, HR tech, or healthcare‑adjacent environments

Strong working knowledge of: HIPAA/HITECH, HITRUST CSF, SOC 2, NIST CSF or ISO 27001

Hands‑on experience with: SIEM / MDR, Endpoint protection / EDR, IAM, Vulnerability management tools

Strong understanding of cloud security (AWS and/or Azure)

Demonstrated incident response leadership and regulator‑appropriate communication

Experience managing vendors, MSSPs, and third‑party risk programs

Strong project/program management skills

Bachelor's degree in Information Security, Computer Science, or related field, or equivalent practical experience

Preferred

CISSP, CISM, CISA, or similar certifications

Experience supporting large healthcare customers, payers, or providers

Familiarity with GDPR or CCPA

Experience scaling security programs in high‑growth or private‑equity‑backed SaaS companies

Comfortable participating in customer calls and audits as a SME

Benefits

Comprehensive Health Benefits: Access to health, dental, and vision plans to support your wellness and that of your family.

Competitive Compensation: A compensation package that recognizes your skills, experience, and contributions, including performance-based incentives for most roles.

Retirement Savings Plans: Options to help you plan for a secure financial future with employer-sponsored retirement savings programs.

Professional Development: Opportunities for career growth, including training and access to resources to support your career progression.

Supportive Culture: A work environment that encourages collaboration, open communication, and creative problem-solving, where your voice and ideas are valued.

Employee Wellbeing Initiatives: Programs focused on mental health, financial planning, and wellness resources to help you thrive inside and outside of work.