Associate Director of Information Security

HealthEquity, Inc.   •  

Draper, UT

Industry: Healthcare IT


5 - 7 years

Posted 420 days ago

How you can make a difference


HealthEquity is looking for a passionate Associate Director of Information Security to join our team. This person will support the Director of Cybersecurity and Privacy with enterprise-wide information security. They will be responsible in building and maintaining a solid information security program to help prevent unauthorized access, alteration, deletion, or transmission of sensitive electronic information, with a focus on assisting technology in securing infrastructure. Ensure protection of the integrity, confidentiality and availability of information in the compliance with industry and federal and state regulatory groups, which will include but are not limited to HIPAA and GLBA requirements.

The successful candidate will be knowledgeable of current Information Security Management processes and best practices including ISO and NIST. The candidate will be results driven and have a proven track record of assisting organizations implement an Information Security program through the strategy, design, implementation, and monitoring of relevant and comprehensive security practices. They must be able support the business in prevent, identify, and remedy organizational security gaps. Demonstrated customer service focus, work ethic and attention to detail are critical to success in this position.


What you’ll be doing


  • Support in building and implementing the information security roadmap.
  • Build a security operations center and facilitate a cross-functional matrixed team that monitors the environment.
  • Using NIST 800-37 as a model, categorize and baseline systems in the environment and work with departments to identify and develop controls that mitigate risk.
  • Build key performance indicators (KPIs) and report findings to leadership.
  • Assist in developing, planning, and executing the investigation of security incidents.
  • Assess security posture of the organization through regular assessments (internal and external vulnerability scanning, firewall, VPN, wireless security, social engineering, host security configuration, network design, mobile, physical security, and virtual infrastructuresecurity) and remediation plans.
  • Lead, manage and motivate team members in the information security department.
  • Orchestrate internal teams to ensure successful passing of SOC II type II and similar audits.
  • Act as a backup for the Director of Cybersecurity and Privacy.
  • Other duties as assigned.


What you will need to be successful



  • A Bachelor’s degree with at least 6 years of experience in similar role.
  • Relevant education of Information Security Management (i.e. CISSP, CISM, CEH)
  • Experience with vulnerability scanning tools.
  • Proven track record in implementing a robust Information Security program.
  • Substantial knowledge of Information Security standards and regulations (ISO27001/2, NIST, HIPAA).
  • Excellent planning and organization skills in a fast-paced environment.
  • Excellent influence and negotiation skills with a strong customer service mentality.
  • Must be a strong team player, well organized and able to handle multiple assignments and responsibilities simultaneously, ability to make decisions under pressure.
  • Enjoys problem solving, working with cross functional departments.
  • Strong self-motivation and self-management skills in planning and coordination of own activities.
  • This is a technical, high volume, diverse role that requires the member to change “hats” frequently and often without notice.



Why work for HealthEquity


HealthEquity has a vision to save healthcare. We are passionate about providing a solution that allows American families to build health savings for life. Through our innovative technology and superior service delivery, our members gain valuable insights to better save and spend their healthcare dollars.


We firmly believe that our team members drive the success of this company. We hire passionate contributors who enjoy the thrill of pioneering their positions to their full potential. Join us and discover a work experience where the person is valued more than the position, and where are our purple culture drives a remarkable experience.


Our advice to you


HealthEquity is fiercely focused on hiring passionate individuals to contribute to our purple culture. If you speak passion, excellence, service, ambition, fun… we want to speak with you! We believe that your personality is as important as your experience and qualifications so when we do have the opportunity to speak together, be authentic, be genuine, be you! Showcase your experience and your passion.


HealthEquity, Inc. is a proud promoter of equal opportunities for training, compensation, transfer, promotion, and other aspects of employment for all qualified applicants and employees. HealthEquity, Inc. support Equal Employment Opportunities without regard to sex, race, color, religion, national origin, age, disability, sexual orientation or veteran status when hiring – under federal, state and local laws.