• Lead all aspects of enterprise information security, including threat detection, incident response, vulnerability management, and continuous monitoring. • Establish and mature a comprehensive Governance, Risk, and Compliance (GRC) framework aligned to healthcare industry standards (e.g., NIST, HITRUST, ISO 27001). • Continuously assess enterprise risk posture, prioritizing cybersecurity risks in alignment with clinical, operational, and financial risk frameworks. • Design and implement strategies to protect sensitive patient data, including Protected Health Information (PHI), Personally Identifiable Information (PII), and clinical data. • Ensure compliance with healthcare data security and privacy regulations, including HIPAA and HITECH, as well as state-specific privacy laws. • Oversee data governance, encryption, identity management, and secure data exchange across clinical systems (EHR/EMR), patient platforms, and third-party partners. • Own and manage IT risk, compliance, and IT General Controls (ITGC) programs in support of SOX and healthcare regulatory requirements. • Partner with internal audit, compliance, legal, and finance teams to ensure audit readiness and timely remediation of control deficiencies. • Maintain compliance with standards such as HIPAA, HITRUST, SOC 2, PCI-DSS (as applicable), and other healthcare-specific regulatory frameworks. • Lead security architecture across enterprise infrastructure, including cloud, hybrid, and on-premise environments supporting clinical and digital health platforms. • Drive secure cloud transformation initiatives, ensuring appropriate controls across IaaS, PaaS, and SaaS environments. • Partner with engineering, IT, and DevOps teams to implement DevSecOps practices and secure software development lifecycle (SDLC). • Lead enterprise incident response strategy, including preparedness, detection, containment, and recovery from cyber incidents. • Build, lead, and scale a high-performing information security organization, including security operations, risk, IT compliance functions. • Serve as a key advisor to executive leadership, the Board, and Audit/Compliance Committees on cybersecurity risk and strategy. • Drive enterprise-wide security awareness and training programs to foster a culture of security and compliance.

• Audit WordPress setup, hosting, plugins, forms, integrations, tracking tools, and user access. • Identify HIPAA, privacy, and security gaps related to PHI handling, encryption, access control, backups, logging, and third-party vendors. • Assess risks involving CRMs, analytics tools, email platforms, payment tools, APIs, and form builders. • Review overall website security posture and identify vulnerabilities or misconfigurations. • Provide a concise audit report with findings, risk levels, and prioritized remediation steps.

Role Description The selected candidate works within the Security Operations Center to improve, tune, and enhance security alerts, responses, and remediation of detected issues. The engineer will also work within the Incident Management process to remove threats and vulnerabilities within the organization. This role collaborates with other Information Security and IT Operational teams to maintain a secure environment and incident response capabilities. - Serves as the regional point of contact for security escalations/requests and escalates requests to Security architecture as needed. - Responsible for the identification and assessment of enterprise risks. - Identifies, evaluates, and tests appropriate security products, tools, and systems to ensure alignment with the CushWake global security posture. - Articulates security policies, guidelines, and standards to customers and developers. - Works independently within an established framework. - Develops techniques and procedures for conducting IS and cyber security risk assessments and compliance audits. - Implements IS and cyber security policies and takes measures against intrusion, frauds, attacks, or leaks. - Continues to build knowledge of the organization, processes, and customers. - Partners with Security Architecture on critical scope delivery. - Reviews security INC(s) to ensure proper processes have been followed and to identify additional IoA(s)/IoC(s). - Performs proactive threat hunting using hypothesis and telemetry from endpoints, identities, cloud, and network. - Serves as the security stakeholder for IR/MIM activities until Security Architecture and/or senior leadership can engage. Qualifications - Junior or Senior pursuing a Bachelor’s or Master’s degree in Computer Science, Engineering, Information Systems, Cybersecurity, or a related degree. - Experience in the security domain with exposure to tools such as CrowdStrike, ZScaler, Palo Alto, Mimecast, MS Defender is a plus. - Highly skilled and knowledgeable within the Microsoft environment and toolset. - Energetic and a quick learner. - Good communication skills with a positive attitude. - A willingness to learn new technology. - Experienced in incident response lifecycle and SLAs. - Any Security Certification is an added advantage. Requirements - Experience responding to security incidents in enterprise environments, with a deep understanding of the Incident Response cycle. - Deep understanding of Cybersecurity concepts, principles, and best practices. - Knowledge of Security frameworks and standards (e.g., NIST). - Comprehensive understanding of technical architectures including networking, application and system architecture, web technology, and common internet and ICS protocols. - Knowledge of Windows and MAC operating systems and their security features. - Understanding compliance requirements. - Experience with administrating or architecting solutions in: - Zscaler - CrowdStrike - Mimecast - Wiz - MS Defender - Emphasis on Identity, setting up and analyzing Conditional Access Policies. - Experienced operating as an administrator across security platforms and executing changes per the Security Architecture group's design. - Direct long-term tracking and analysis of Advanced Persistent Threat (APT) actors, including TTPs, infrastructure, and campaign evolution. - Guide the implementation of threat hunting methodologies using SIEM, EDR, and advanced telemetry. - Sponsor and oversee the use of statistical, spatial, and qualitative threat modeling. - Expert level understanding of standard risk classification schemes including CVSS. - Strong organization skills and effective communication on risk with experience presenting to an executive audience. - Mastery of cybersecurity core concepts & terminology, including the vulnerability management lifecycle. - Composure and clear thinking during high-pressure situations. - Capable of performing technical and business risk analysis on cybersecurity issues. - Ability to analyze problems, ask questions, and come up with potential solutions within the confines of our security standards. - Ability to work in multiple areas but track through issue resolution. Benefits - Health, vision, and dental insurance. - Flexible spending accounts. - Health savings accounts. - Retirement savings plans. - Life and disability insurance programs. - Paid and unpaid time away from work. - Competitive pay, which may vary depending on eligibility factors such as geographic location, date of hire, total hours worked, job type, business line, and applicability of collective bargaining agreements.

• Define reference architecture, technical standards, and reusable primitives for AI enablement services, the Security Operations Data Plane, and ecosystem integrations. • Establish standards for code quality, test-driven development, availability, and secure software engineering practices. • Engineer guardrails for AI-assisted and agentic workflows (bounded actions, least privilege, evidence logging, observability, auditability) and ensure secure-by-default configurations. • Ensure ingestion, transformation, schema discipline, enrichment, and analytics readiness are engineered for reliability, performance, and defensible operations. • When tooling operation is required, define integration contracts (APIs, schemas, telemetry, access controls), automate configuration, and ensure tooling adheres to ecosystem standards and monitoring. • Ensure platform services and operated tooling have runbooks, health signals, and repeatable remediation patterns. • Coach engineers, provide technical oversight, and serve as escalation point for complex design decisions and cross-product tradeoffs.