Information Security Lead - Any city, TX, US, 99999

Be part of a team that unleashes the power of leading-edge technologies to help improve the health and well-being of those most vulnerable in our country and communities. Working at Gainwell carries its rewards. You’ll have an incredible opportunity to grow your career in a company that values work flexibility, learning, and career development. You’ll add to your technical credentials and certifications while enjoying a generous, flexible vacation policy and educational assistance. We also have comprehensive leadership and technical development academies to help build your skills and capabilities.



As a Product Information Security Leader (ISL), you will play a pivotal role in ensuring the seamless integration and effective utilization of Gainwell's diverse product portfolio. You will work closely with internal teams and external stakeholders to understand product functionalities, address concerns, and optimize solutions across various domains, including healthcare, data analysis, and client support services. In a typical engagement, you operate as a trusted advisor in the organization, working with senior management and focusing specifically on health care industry regulated security requirements and environments in relation to client business objectives.


The ISL helps the organization understand operational issues and plan next steps from an information security viewpoint. This requires the ability to interact and influence at a managerial level within client organizations, such as with Information Governance and IT Security leads. You will demonstrate industry expertise and an understanding of security governance and compliance. The ISL will analyze, enforce, maintain, and help assess the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the National Institute of Standards and Technology (NIST) 800-53 framework on each designated account or health care product within Gainwell Technologies and its partners.

Your role in our mission

  • Product Integration Management: Facilitate the integration of MMIS SaaS, Immunization Registry, Women, Infant, and Childcare solutions, Early Intervention programs, and other Gainwell products into client systems. Coordinate with technical teams to ensure smooth deployment and compatibility of products within client environments. This work is compliance- and operations-focused.
  • Data Security and Compliance: Educate stakeholders on the importance of safeguarding PHI/PII data embedded within Gainwell products. Implement and enforce compliance measures to mitigate risks associated with sensitive information.
  • Client Support and Communication: Serve as a primary point of contact for clients regarding product functionalities, updates, and troubleshooting. Communicate effectively with internal teams to address client concerns and optimize product performance.
  • Enhancement and Innovation: Collaborate with product development teams to identify opportunities for product enhancement and innovation based on client feedback and industry trends. Contribute to the roadmap of Gainwell products by providing insights into market demands and emerging technologies.
  • Lead Security operational governance activities.
  • Ensure delivery excellence in security tooling and business operations (avoiding non-performance / non-compliance contractual penalties).
  • Maintain an account security plan and other security related documentation for the selected account(s) and Products.
  • Ensure Audit and penetration assessment preparation, facilitation, and remediation.
  • Manage security risk and exceptions to security standards within the organization, as well as third-party risk, including vulnerabilities, defects, and exploits.
  • Ensure knowledge sharing and implementation of security fundamentals, policies, and standards (regulatory and contractual).
  • Escalate and resolve Security Incidents with the Security Incident Response (SIR) team and Account Executives (AE).
  • Manage and report security incidents.
  • Coordinate delivery of Security Metrics and Reporting in support of contractual commitments.
  • Produce documentation, including writing policies, standards, procedures, processes, and security plans.

What we're looking for

  • At least 7 years’ experience working in a risk management, audit, security, or technical delivery role. Experience as a Security consultant, architect and/or engineer.
  • Experience in working with security management including information governance and compliance.
  • Good understanding of Assurance Practices and Risk Management, with hands-on experience.
  • Experience with security processes and standards, in particular NIST 800-53 and/or ISO 27001.
  • Experience with security audit and accreditation processes.
  • Experience in IT outsourcing business or 7+ years in industry vertical.
  • Experience with HIPAA, FIPS, NIST, MARS-E, and FedRAMP a plus.

What you should expect in this role

  • This is a fully remote opportunity.
  • Functionally reports to the Information Security Leader as part of the office of the Chief Information Security Officer (OCISO) to coordinate effort, solutions, and promote Security Practices.
  • Works in conjunction with the Account Delivery Executive and/or Product Owners.
  • Partners and collaborates with Information Security staff and partners to leverage existing solutions and promote common security standards.


The deadline to submit applications for this posting is May 28, 2023.


The pay range for this position is $90,900.00 - $129,900.00 per year; however, the base pay offered may vary depending on geographic region, internal equity, job-related knowledge, skills, and experience, among other factors. Put your passion to work at Gainwell. You’ll have the opportunity to grow your career in a company that values work flexibility, learning, and career development. All salaried, full-time candidates are eligible for our generous, flexible vacation policy, a 401(k) employer match, comprehensive health benefits, and educational assistance. We also have a variety of leadership and technical development academies to help build your skills and capabilities.


We believe nothing is impossible when you bring together people who care deeply about making healthcare work better for everyone. Build your career with Gainwell, an industry leader. You’ll be joining a company where collaboration, innovation, and inclusion fuel our growth. Learn more about Gainwell at our company website and visit our Careers site for all available job role openings.


Gainwell Technologies is committed to a diverse, equitable, and inclusive workplace. We are proud to be an Equal Opportunity Employer, where all qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical condition), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We celebrate diversity and are dedicated to creating an inclusive environment for all employees.

