Note: This is a remote job open to candidates in the USA. Honest Health is a company focused on transforming primary care through purpose and partnership. They are seeking a seasoned cybersecurity professional to manage incidents, develop awareness programs, and collaborate with stakeholders to enhance cybersecurity practices within the organization.
Responsibilities
• Lead and manage the company's incident response processes and team members as the organization grows
• Develop, implement, and maintain incident response plans and procedures
• Coordinate and conduct incident response activities, including detection, analysis, containment, eradication, and recovery
• Investigate security incidents to determine root cause and implement corrective actions
• Ensure timely and effective communication with stakeholders during security incidents
• Operate and improve core security controls (IAM, endpoint security, logging, monitoring, vulnerability management)
• Partner with IT and Platform teams to implement practical, scalable security controls
• Help mature cloud and application security practices (least privilege, secure defaults, audit logging)
• Develop and implement cybersecurity awareness training programs for team members
• Promote a culture of cybersecurity awareness and best practices throughout the organization
• Monitor and measure the effectiveness of cybersecurity awareness initiatives
• Ensure compliance with HIPAA regulations and standards
• Develop, implement, and maintain policies and procedures to protect the confidentiality, integrity, and availability of protected health information (PHI)
• Conduct regular audits and assessments to ensure HIPAA compliance
• Coordinate closely with the Managed Security Service Provider (MSSP) to ensure seamless integration and operation of the Security Operations Center (SOC) and Security Information and Event Management (SIEM) solution
• Collaborate with the MSSP to define and refine alerting thresholds, response procedures, and escalation paths to effectively address security incidents
• Provide direction and guidance to both internal incident response teams and external MSSP/SOC analysts during security incident escalations and threat hunting initiatives
• Participate in vendor security reviews and risk assessments
• Lead cross-functional incident response efforts, bringing together teams from IT, legal, compliance, and other departments to coordinate response activities and mitigate security risks effectively
• Perform other related responsibilities as assigned
Skills
• Bachelor's degree in computer science, information technology, cybersecurity, or a related field is required; Master's degree considered a plus
• 5+ years of experience in cybersecurity incident response, threat hunting, and cybersecurity awareness
• Strong knowledge of cybersecurity frameworks, standards, and best practices (e.g., NIST CSF, ISO 27001, HIPAA)
• Experience with incident response tools and technologies
• Excellent communication, leadership, and problem-solving skills
• Relevant certifications (e.g., CISSP, CISM, GIAC)
Benefits
• Short-term incentives
• Comprehensive benefits package
Company Overview
• Honest Health is the leader in primary care transformation. It is headquartered in Nashville, US, with a workforce of 201-500 employees. Its website is https://honesthealth.com.