Information Security Manager

Information Security Manager

Join the team at Buoy!



Boston, MA


We create technology with heart for the health of every person in the world.

Company Overview

Buoy builds a free digital health tool that helps people – from the moment they get sick – start their health care on the right foot. Started by a team of doctors and computer scientists working at the Harvard Innovation Laboratory in Boston MA, Buoy was developed in direct response to the downward spiral we’ve all faced when we attempt to self-diagnose our symptoms online. Buoy leverages artificial intelligence – powered by advanced machine learning and proprietary granular data - to resemble an exchange you would have with your favorite doctor – to provide consumers with a real-time, accurate analysis of their symptoms and help them easily and quickly embark on the right path to getting better. Buoy is based in Boston and was founded in 2014.

Job Description

Buoy is taking on the multi-faceted challenge of applying Artificial Intelligence (AI) to medicine and developing novel interfaces and algorithms to reason about the relationship between humans, symptoms, and illnesses. We are looking for an information security manager to help Buoy keep user data and information safe and secure. A strong candidate will have experience in writing and implementing security policies that use risk management systems such as HITRUST or SOC II. Reporting to the Controller, this person will begin their time at Buoy by leading the HITRUST certification process and potentially grow to manage the IT/security function at Buoy. Additionally, a strong candidate will take pride in his or her work, exhibit attention to detail, demonstrate accountability for given tasks or projects, have a passion for solving healthcare-IT-related problems, contribute to a variety of projects, and excel at communicating with both technical and non-technical members of the team.

A Typical Week:

  • Develop policies in accordance with HITRUST, GDPR, ISO 27001 and oversee and enforce their implementation across the entire company.
  • Lead internal and third party security assessments and audits.
  • Meet with third party customers and vendors to ensure compliance with all security needs.
  • Communicate to the broader team the security risks and how we have mitigated them as an organization.
  • Assist in the development of an IT organization.
  • Coordinate with the Buoy Legal team to interpret and understand, laws, regulations, complex issues, and documents.

Minimum Qualifications

  • Experience in data privacy and security, including privacy assessments and audits, risk mitigation practices, and information security standards.
  • Experience managing/conducting cybersecurity framework (CSF) assessments [HITRUST preferred].
  • Bachelor’s degree Cyber Security, Computer Science, engineering, IT security management, risk management, or comparable professional education/training in a field relevant to IT Security management.
  • Knowledge of data protection laws, best practices, and methodologies.
  • Excellent communication skills

Preferred Qualifications

  • Experience in the healthcare industry
  • Compensation/Benefits

    • 85k + Options
    • Medical, Dental, and Vision
    • Simple IRA
    • Dogs in the office!

Join the team at Buoy!


Related articles

Would you be willing to answer a few questions about your experience?

Leave feedback
See all other articles