Moovel has flagged the Chief Financial Officer job as unavailable. Let’s keep looking.

Job Details

Description

The Chief Information Security Officer (CISO) is a senior-level management position responsible for overseeing CorVel’s organization’s information security and privacy. This person plays a crucial role in the organization, closely collaborating with the Legal, Executive Leadership, Information Technology, and Software Engineering teams to establish and achieve strategic information security and privacy objectives.

The CISO will lead, develop, and implement security and privacy policies and procedures, manage security technologies, and oversee security audits and awareness training. The ideal candidate will have extensive experience in information security, including experience with security risk management, incident response, and forensics.

The vision for CorVel security, privacy, and compliance efforts is to build programs that:

  • Exemplify the highest levels of quality and integrity
  • Drive highly cooperative efforts to address the highest risks efficiently
  • Allocate resources to the maximum reduction in risk
  • Inspire and foster a culture of security and privacy across the CorVel organization

Being CISO at CorVel requires someone pragmatic who values business enablement and cooperative leadership and oversight. The position works in partnership with a highly-qualified and lean Security & Privacy team at CorVel whose goal is to protect data assets and enable business.

This is a hybrid opportunity.

ESSENTIAL DUTIES & RESPONSIBILITIES:

The essential functions include, but are not limited to the following:

  • Serve as the company’s lead information security officer, overseeing all security and privacy initiatives, policies, and procedures.
  • Develop and implement information security strategies, including vulnerability assessments, penetration testing, and cybersecurity awareness and training.
  • Perform risk assessment and vulnerability analysis including teal-time analysis and triage of emergent threats.
  • Keeping abreast of developing security threats and advise management on appropriate countermeasures.
  • Promote the company’s information security reputation and serve as a security subject matter expert, supporting IT and development teams, the Board of Directors, and customer meetings as required.
  • Develop and maintain the Company's Security Policies, Procedures and standards including evaluation and compliance with security measures, Disaster Recovery and Emergency operating procedures, Security Incident Response and process protocols including Incident Reporting and Sanctions and Testing of security procedures, mechanisms, and measures.
  • Maintain appropriate security measures and mechanisms to guard against unauthorized access to electronically stored and /or transmitted data and protect against reasonably anticipated threats and hazards.
  • Oversee and/or assist in performing ongoing security monitoring of organization information systems, including assessing information security risk periodically as well as conducting functionality and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements.
  • Lead internal security risk management program across the enterprise supporting security, privacy, audit, and compliance activities.
  • Program management: Keeping ahead of security needs by implementing programs or projects that mitigate risks.
  • Security architecture: Planning, buying, and rolling out security hardware and software, and ensuring IT and network infrastructure is designed with best security practices in mind.
  • Drive 3rd party supplier risk management program.
  • Manage critical security programs, including application security, business continuity, vulnerability management, and penetration testing programs.
  • Respond to customer and prospect security information requests.

MINIMUM QUALIFICATIONS (KNOWLEDGE, SKILLS, & ABILITIES):

  • Bachelor’s Degree in Computer Science, Cybersecurity, Information Technology, or other related field or equivalent experience
  • 10+ years of experience in information security
  • 5+ years of project leadership experience
  • Specific experience with one or more of the following areas: penetration testing, application security, vulnerability management, security risk management, security and privacy incident management
  • Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs
  • Deep knowledge and experience with relevant IT and security technologies
  • Experience with HIPAA, HITRUST, SOC1,2,3, SOX, NIST 800-53/CSF, or other relevant frameworks
  • Notable cloud security experience
  • Outstanding written and spoken communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences
  • Certification of CCISO, CISSP, CISM, SANS, GIAC, CISM

PAY RANGE:

CorVel uses a market based approach to pay and our salary ranges may vary depending on your location. Pay rates are established taking into account the following factors: federal, state, and local minimum wage requirements, the geographic location differential, job-related skills, experience, qualifications, internal employee equity, and market conditions. Our ranges may be modified at any time.

For leveled roles (I, II, III, Senior, Lead, etc.) new hires may be slotted into a different level, either up or down, based on assessment during interview process taking into consideration experience, qualifications, and overall fit for the role. The level may impact the salary range and these adjustments would be clarified during the offer process.

Pay Range: $188,842 – $317,230

A list of our benefit offerings can be found on our CorVel website: CorVel Careers | Opportunities in Risk Management

About CorVel

CorVel, a certified Great Place to Work® Company, is a national provider of industry-leading risk management solutions for the workers’ compensation, auto, health and disability management industries. CorVel was founded in 1987 and has been publicly traded on the NASDAQ stock exchange since 1991. Our continual investment in human capital and technology enable us to deliver the most innovative and integrated solutions to our clients. We are a stable and growing company with a strong, supportive culture and plenty of career advancement opportunities. Over 4,000 people working across the United States embrace our core values of Accountability, Commitment, Excellence, Integrity and Teamwork (ACE-IT!).

A comprehensive benefits package is available for full-time regular employees and includes Medical (HDHP) w/Pharmacy, Dental, Vision, Long Term Disability, Health Savings Account, Flexible Spending Account Options, Life Insurance, Accident Insurance, Critical Illness Insurance, Pre-paid Legal Insurance, Parking and Transit FSA accounts, 401K, ROTH 401K, and paid time off.

CorVel is an Equal Opportunity Employer, drug free workplace, and complies with ADA regulations as applicable.

#LI-Hybrid

Read Full Description
Confirmed 14 hours ago. Posted 30+ days ago.

Discover Similar Jobs

Suggested Articles