About Us
Lyric National Inc. provides skilled nursing facilities and other long-term care facilities with a concierge platform for in-facility healthcare services funded through a supplemental accident and sickness policy (Enhanced Plan). Our program enables residents to access robust medical services-often beyond what traditional Medicaid structures provide-while helping facilities maximize reimbursement and minimize net costs for patient care.
We are committed to improving healthcare access and financial sustainability for long-term care providers through innovative insurance solutions.
What You'll Be Doing
Security Strategy & Governance
- Define and own the company's information security strategy and roadmap
- Establish a risk‑based security framework aligned to business priorities
- Develop and maintain security policies, standards, and procedures appropriate for a growing organization
- Serve as the primary executive advisor on security risk, incidents, and tradeoffs
Platform & Application Security
- Partner tightly with Engineering to ensure secure design and operation of:
- Eligibility systems
- Salesforce integrations
- Internal and external APIs
- Cloud‑hosted applications
- Establish secure development lifecycle (SDLC) practices without adding unnecessary bureaucracy
- Guide threat modeling, vulnerability management, penetration testing, and remediation
Cloud & Infrastructure Security
- Own security posture for cloud‑based infrastructure (Azure)
- Define best practices for:
- Identity and access management
- Network security
- Containerized environments (Docker/Kubernetes)
- Logging, monitoring, and incident detection
- Ensure appropriate security controls are in place for vendors and partners
Data Protection & Privacy
- Protect PII and sensitive eligibility/enrollment data
- Lead data classification, encryption, retention, and access control strategies
- Partner with Legal and Compliance on privacy and regulatory obligations (e.g., SOC 2, HIPAA‑adjacent considerations, state privacy laws where applicable)
Incident Response & Risk Management
- Build and own the incident response plan
- Act as the executive lead during security incidents
- Conduct post‑incident reviews and continuous improvement
- Own third‑party and vendor security risk management
What You'll Bring
- 10+ years in information security, with progressive leadership responsibility
- Prior experience as a CISO, Head of Security, or senior security leader
- Experience securing cloud‑native, integration‑heavy platforms
- Background in technology, SaaS, fintech, or insurtech environments strongly preferred
Technical & Domain Expertise
- Strong understanding of:
- Application security
- Cloud security (Azure preferred)
- Identity and access management
- API and integration security
- Container and Kubernetes security
- Experience working with modern engineering teams using Agile/Kanban methods
Leadership & Communication
- Strong executive‑level communication skills
- Able to translate security risk into business impact
- Comfortable influencing without heavy authority
- Pragmatic, collaborative leadership style
Salary: $140000 - $240000 per year
