Director of Information Security
Lirio applies the psychology of human behavior and the power of advanced machine learning to help healthcare and energy enterprises drive individuals toward positive behavior change at scale. Lirio delivers mass personalization by harnessing behavioral intelligence to surface the right message to the right person to drive the right action at the right time.
As the Director of Information Security, you will play a vital role in the success of Lirio’s core technology while protecting the organization, including its data, reputation, and clients. This role will report to the CFO and involve the management and building of a security program, policies, team, and training processes.
The Director of Information Security will be integral to the organization’s security and compliance. Experience with HIPAA and the healthcare industry is preferred. This role will:
- Work with the Executive Team to continually balance risk with the organization’s business objectives and security posture.
- Develop and maintain organization-wide security and compliance programs.
- Establish policies and procedures to ensure appropriate controls and monitoring.
- Train the organization in Lirio’s security programs and policies, including PHI and PII compliance.
- Work with IT, engineering, machine learning, software development, and other technology teams to ensure they have the tools and knowledge to help monitor, identify, and defend against security attacks which integrate with current/modern practices and tools. We get there together.
- Make suggestions to the proper organizational heads for threat mitigations.
- Identify, report, and control security and data breach incidents along with postmortem processes.
- Maintain timely and effective communication with the proper stakeholders to resolve security issues.
- Develop, manage, and train a security team in the context of a growing business.
- Monitor threats and take preventative measures.
- Stay up to date with the global security community.
- Communicate to the organization about the importance of information security and compliance.
- Develop and operationalize security tests and practices, such as penetration tests and phishing simulations.
- Perform internal audits and assessments.
- Develop metrics to gauge the effectiveness of the security program and initiatives.
- Manage intrusion detection and prevention systems and work with the appropriate stakeholders to integrate them into the organization.
- Establish and maintain a strong external network of security professionals and organizations to ensure threat information and best practices are integrated into Lirio’s security program.
- Develop and retain security skills within the organization.
- Maintain and internalize with any security personnel a strong understanding of Lirio’s business objectives, incremental goals, and processes, so risk management and security operations effectively support the business. It’s a balance.
Education & Experience
An ideal candidate has:
- BA in Computer Science, Computer Engineering, Networking/Telecommunications, or a similar field, with demonstrated expertise and work experience in the field of cyber security or equivalent work experience.
- 10 years of technical work experience in cyber operations and risk management.
- 5 years of managerial/supervisory experience.
- Strong written and oral communication skills with the ability to speak directly to Executive Team or board members if required.
- Extensive experience with intrusion prevention and detection, log management and analysis, event monitoring, and incident response and planning.
- Extensive experience with network security and topology.
- Extensive experience with vulnerability scanning and mitigation.
- Experience establishing and maturing risk management.
- Experience leading self-assessments and supporting audit activities.
- Ability to work collaboratively in a self-driven manner with strong decision making and time management skills.
- Familiarity with current application development practices, data analytics, and cloud services.
- Experience with and knowledge of federal security and risk management requirements with an emphasis on NIST publications.
Lirio offers salaries and benefits that compete with the largest cities and tech companies, yet our mid-sized home city of Knoxville, Tennessee has a cost of living below the national average. Our company culture is driven by our employees, people who are committed to delivering results and who truly believe “we get there together.” Here, each person has opportunities to impact decisions, benefits, direction, and company culture. We offer many possibilities to grow and learn individually and collectively.
To apply, please send your resume and LinkedIn URL to [email protected] and specify the position for which you are applying in the subject line.
Knoxville has an awesome developer and technology community, with many user groups for technologies beyond computing, such as 3D printing and “makers.” It is a wonderful college town with a great school system. There are many outdoor opportunities, such as state parks, streams, lakes, and greenways along with the Great Smoky Mountain National Park and a wonderful culinary and foodie scene with craft breweries and distilleries.