Nox Health Group, Inc.2 weeks ago

Information Security Manager

Nox Health Group, Inc.

On-site · Alpharetta, Georgia, United States

Alpharetta, Georgia, United StatesOn-siteFull TimeSenior LevelBachelors DegreeUnknown

Type

Full Time

Level

Senior Level

Education

Bachelors Degree

Company size

Unknown

Job Summary

Information Security Manager leads the organization's cybersecurity program, overseeing security operations, risk management, and regulatory compliance. Responsibilities include developing and executing security strategy and roadmap, leading security operations, managing security tools (SIEM, EDR, vulnerability management, DLP, IAM, CSPM), integrating security into CI/CD, guiding incident response, risk assessments, and ensuring compliance with HIPAA, HITRUST, SOC 2, ISO 27001, and FedRAMP; collaborates with product, engineering, compliance, and customer success teams; requires 7+ years in cybersecurity, 3+ years in security-ops leadership, and relevant certifications; bachelor's degree in a related field; preferred DevSecOps, GRC, and healthcare/SaaS experience.

Required Qualifications

Bachelor’s degree in Information Security, Computer Science, Information Technology, or related field (or equivalent experience)
7+ years of progressive experience in cybersecurity
3+ years of experience leading or managing security operations teams
Professional certifications such as CISSP, CISM, CRISC, GIAC, or equivalent (preferred)
Hands-on experience with security operations tools such as SIEM, endpoint security, DLP, vulnerability scanning or continuous exposure management, and identity management systems
Experience in conducting risk assessments
Strong understanding of security frameworks (NIST CSF, ISO 27001, CIS Controls)
Experience with cloud security (AWS, Azure, GCP)
Experience working in regulated environments (e.g., healthcare, financial services, SaaS, etc.)
Strong communication and stakeholder management skills
Experience leading cross-functional security initiatives
Experience leading audit and compliance initiatives (leading HITRUST and FedRAMP certifications is preferred)
Familiarity with DevSecOps practices
Experience with GRC platforms
Strong understanding of PHI protection and data privacy

Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.

Hiring someone like this?

Get your role in front of qualified candidates on Sorce.

Get started