Sr. Information Security Manager
We started Lively because we believe no one should have to sacrifice their personal health for their financial health. Lively is bringing HSAs and FSAs into the modern era so it’s easy to save on the costs of healthcare today, and plan for the costs of tomorrow. We’ve made it our mission to inspire people to confidently embrace a healthy future.
With offices in San Francisco, Boise, and remote team members throughout the nation, we’re a company that’s passionate about simplifying and improving how people save and spend their healthcare funds. Come be a part of changing how Americans can maximize their healthcare spending!
About the Role
Lively is looking for an experienced Information Security Manager to join our team! As a Senior Information Security Manager, you’ll lead and manage security initiatives to help bolster Lively’s security program including: policy management, third party and internal risk, proactive vulnerability prevention, training and awareness campaigns, access controls, and other tasks applied to our programs. You’ll bring a broad, but technical, experience & perspective, and find creative ways to enable team members to perform their day to day job requirements via secure but user-friendly means.
Implement, enforce, and maintain security policies and procedures.
Vet third party vendors or partners including our technical integrations with them.
Identify and mitigate high risk activities and processes within the organization.
Manage our third-party pen tests.
Manage internal threats via email including phishing and infosec awareness campaigns.
Manage our infosec training program.
Perform onboarding/offboarding tasks for sensitive systems.
Identify, procure, and deploy new security controls, products, tools, or configurations.
Work with stakeholders and team members to provide guidance and education on Lively policy and best practices.
Respond to potential security incidents by investigating and documenting the incident, and making recommendations for remediation.
Skills & Experience
4+ years in an information security role, overseeing a security program as a whole.
Experience analyzing the impact of introducing a third party to an organization.
Experience with HIPAA rules and handling PHI within an organization.
Familiarity with SOC 2 and PCI DSS controls.
Familiarity with NIST or CIS frameworks.
Software engineering, systems, or architecture background.
Excellent verbal and written communication skills, including the ability to articulate policy requirements into easy to understand and consistent policy statements.
CISSP and other certifications are a plus!
Applicants must be currently authorized to work in the United States on a full-time basis with no sponsorship needed now, or in the future.
We encourage you to apply if you do not meet all of the qualifications but feel you would be a good fit for the position.
Benefits & Perks
We offer competitive salaries, stock options, medical, dental, vision, life and disability coverage, HSA with employer contribution, FSA, flexible vacation, commuter benefits, a 401k plan, and more.
At Lively, we believe having diverse teams in which everyone can be their authentic self is key to our success. We encourage people from underrepresented backgrounds to apply. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Come join us in our mission to help people optimize their healthcare spending, maximize their savings, and better their livelihood!