Cybersecurity Officer

About Waymark

Waymark is a mission-driven team of healthcare providers, technologists, and builders working to transform care for people with Medicaid benefits. We partner with communities to deliver technology-enabled, human-centered support that helps patients stay healthy and thrive. We’re designing tools and systems that bring care directly to those who need it most—removing barriers and reimagining what’s possible in Medicaid healthcare delivery.

Our Values

At Waymark, our values are the foundation of how we work, grow, and support one another:

• Bold Builders: We tackle the toughest challenges in care delivery by harnessing the power of community and technology.
• Humble Learners: We seek feedback, embrace diverse perspectives, and welcome challenges to our assumptions.
• Experiment to Improve: We use data to inform decisions and continuously assess our performance.
• Focused Urgency: Our mission drives us to act swiftly and relentlessly in pursuit of meaningful results.

If this resonates with you, we invite you to bring your creativity, energy, and curiosity to Waymark.

About this role

As the Cybersecurity Officer for Waymark, you will be responsible for advancing our core mission through the development of robust programs encompassing information security.  As an organization working with patients and providers to improve health outcomes, it is critical to build and maintain appropriate systems and safeguards designed to protect the integrity and confidentiality of information. 

You are technical, a strong operator, and strategic thinker, looking to build, improve, and scale reliable security processes whenever possible.  Your leadership of the information security program at Waymark will include all facets of cybersecurity, and the associated user experience of our remote teams, and community-based care workers.  You will be responsible for security policy and implementation and operation of technical and administrative safeguards to support those policies.  You will use your experience to inform sound judgement to achieve the appropriate management of security risks in a manner consistent with the company’s values.  You will use your in-depth knowledge of security in a modern cloud based organization, to identify and address risks to the company, through a combination of hands-on technical contributions and directing and overseeing staff with security responsibilities. You will interact with the broader executive leadership team to communicate evolving needs, matching the security strategy to the size and stage of growth of the company and the information we safeguard.  

This is a remote friendly position that can be located anywhere in the United States.

Key Responsibilities & Duties 

• Oversee the internal cybersecurity program, road map, and strategy, which includes developing and implementing procedures and policies designed to protect Waymark communications, systems, and assets from internal and external threats and that safeguards health information.
• Oversee and manage Waymark’s MSSP and outsourced IT vendor, including responsibility for security and IT budgets, and IT tools used by Waymark.
• Partner with Product, Engineering, Legal, and Compliance leadership to determine risks and deploy risk management processes, supporting Waymark’s secure software development lifecycle and ensuring that our internally developed products and services meet the expectations of our patients, customers and regulators
• Own, define and oversee the necessary security operational functions such as Identity Management, Vulnerability Management, Incident Response, Security Awareness, and Vendor Risk Management
• Serve as Waymark’s HIPAA Security Officer, ensuring compliance with the HIPAA Security Rule, working closely with the legal team to document, review, maintain, and implement standards, policies, and procedures within security disciplines.
• Lead the strategy, implementation, and maintenance of industry-standard security certifications, including SOC2 Type II.
• Conduct research, analysis, and correlation across a wide variety of source data to identify and prevent compromise of our networks, host systems, and data. 
• Track and report on network security to the Waymark executive leadership team

Minimum qualifications

• BSCS or equivalent experience in an operational security role
• 10+ years of experience in security and/or information assurance roles, and risk management, with a strong record of successfully managing information security, including experience working in a healthcare environment, with a strong understanding of HIPAA
• Knowledge of information security management frameworks, such as NIST cybersecurity framework
• Experience and/or ability to learn and apply hands-on skills in a cloud native production environment
• Experience implementing cloud security technologies, including encryption, network security, intrusion detection, and could monitoring
• Excellent verbal and written communication skills with the ability to simplify complex topics for understanding and decision making by technical and non- technical audiences

Preferred qualifications

• Key industry certifications in information security, such as CISSP, CISM and CISA
• Experience in a startup of 100 - 500 people
• Experience with securing a production SaaS product hosted in AWS
• Experience conducting or managing technical audit engagements, or directly responding to auditor inquiries

Salary Range

US Employees in San Francisco/Bay Area, New York City - $175,000 - $231,000

US Employees in Boston, Los Angeles, Seattle, Washington DC - $161,000 - $212,000

US Employees in Arlington, Denver, San Diego, Sacramento - $154,000 - $203,000

US Employees in Albany, Atlanta, Austin, Baltimore, Central/Southern, Charlotte, Chicago, Dallas/Fort Worth, Detroit, Houston, Las Vegas, Miami, Milwaukee, Philadelphia, Portland, Research Triangle, Salt Lake City, Twin Cities - $140,000 - $185,000

US Employees in Baton Rouge, Birmingham, Charleston, Cincinnati, Cleveland, Daytona Beach, Indianapolis, Nashville, New Orleans, Omaha, Phoenix, Pittsburgh, St. Louis, Tampa - $135,800 - $179,400

In addition to salary, we offer a comprehensive benefits package. Here’s what you can expect:

Stock Options: Opportunity to invest in the company’s growth.

Work-from-Home Stipend: A dedicated stipend for your first year to help set up your home office.

Medical, Vision, and Dental Coverage: Comprehensive plans to keep you and your family healthy.

Life Insurance: Basic life insurance to give you peace of mind.

Paid Time Off: 20 vacation days, accrued over the year, plus 11 paid holidays.

Parental Leave: 16 weeks of paid leave for birthing parents after six months of employment, and 8 weeks of bonding leave for non-birthing parents.

Retirement Savings: Access to a 401(k) plan with a company contribution, subject to a vesting schedule.

Commuter Benefits: Convenient options to support your commute needs.

Professional Development Stipend: A dedicated stipend supports professional development and growth.

Offer of employment is contingent upon successful completion of a background check.

Don’t check off every box in the requirements listed above? Please apply anyway! Studies have shown that some of us may be less likely to apply to jobs unless we meet every single qualification. Waymark is dedicated to building a supportive, equal opportunity, and accessible workplace that fosters a sense of belonging – so if you’re excited about this role but your past experience doesn’t align perfectly with every preferred qualification in the job description, we encourage you to still consider submitting an application. You may be just the right candidate for this role or another one of our openings!