Join us

Build the future with the world's best entrepreneurs.

Business Information Security Manager



Remote, OR, USA · Remote
Posted on Thursday, May 4, 2023
About the Opportunity
Flywheel is seeking a Business Information Security Manager to join our busy and growing team. This is a unique opportunity for a motivated professional with a passion for Information Security to utilize their skills within a fast-paced company working with cutting edge technology. Successful applicants will have a passion for assessing current industry trends while following regulatory changes in order to support the Compliance and Security Program and its implementation company wide. They will also have a passion for instructing and leading personnel in a professional and constructive manner, with a focus on the company's security posture. The Business Information Security Manager is an integral part of the Regulatory Affairs department and will manage security Risk and Supplier Assessments for the organization. Compliance is a team effort at Flywheel, and the role will work closely with the Director of Information Security to guide the direction of the organization’s security and compliance efforts. The Business Information Security Manager will interface with the sales, development and operations teams to advocate for security best practices and will have an excellent opportunity to drive security projects and manage the risk management lifecycle. We’re highly responsive to customer needs and constantly strive to make a positive contribution to the biomedical and life sciences communities we serve.
The Business Information Security Manager will report directly to the Sr. Director of Regulatory Affairs. They will assist the Director of Information Security and lead the successful delivery of information security initiatives across the organization. The individual will serve as a trusted advisor to product and engineering teams and will help identify, assess and execute remediation and mitigation plans to minimize security risks while partnering with business leaders to ensure that business decisions are risk aware and made with security in mind.
Work closely with our team of engineers and business stakeholders in a fast-paced startup environment. The development team operates within a lightweight Agile process and is empowered to alter it as needed to achieve team and company objectives. In this role, you will collaborate with multiple departments spanning across the company. We’re highly responsive to customer needs and constantly strive to make a positive contribution to the biomedical and life sciences communities we serve.
Team members are recognized and rewarded when advocating for customer success and satisfaction over other concerns. We value self-motivated, creative individuals who work well in a collaborative environment – constantly generating and sharing new ideas and solutions with the team.
Flywheel has a comprehensive benefits package and encourages a balanced work life and home life.


  • Manage and complete internal audits and related projects, ensuring compliance with relevant security standards and regulations.
  • Monitor and respond to endpoint security alerts and events, and implement necessary measures to mitigate risks.
  • Perform risk management lifecycle and assessments, including identifying, analyzing, evaluating, and treating risks to the organization.
  • Lead the incident response lifecycle and event management, including investigating and responding to security incidents, conducting root cause analysis, and recommending remediation actions.
  • Review and approve system and security architecture review from a security perspective, ensuring that they align with relevant security standards and regulations.
  • Maintain accurate and up-to-date System Security Plans, and ensure that they are comprehensive and aligned with the organization's security policies and procedures.
  • Develop and manage the supplier risk management program, including assessing and monitoring third-party risks, and ensuring compliance with relevant security standards and regulations.
  • Manage third-party audits and maintenance lifecycles, ensuring that vendors and partners are compliant with relevant security standards and regulations.
  • Perform privacy impact and transfer assessments, ensuring compliance with relevant data protection laws and regulations.
  • Maintain and update Company Plans of Action and Milestones, and ensure that they are aligned with the organization's security compliance programs and initiatives.

What would make you a great fit

  • Understanding of industry security frameworks ISO 27799, HITRUST, FedRAMP, ISO 27001, HIPAA, SOC 2, OWASP
  • Current CISSP, CISM or GIAC certifications while maintaining continuing education requirements
  • Additional Desired Certifications: CISA, CRISC
  • Familiarity with SDLC practices and Cloud Security (Google Cloud Platform, Amazon Web Services, and Azure)
  • Bachelors’ Degree in Information Technology related field or commensurate experience
  • Self-managing, self-motivated and effective in a distributed workforce
  • Proactive problem solving and forward-leaning work ethic
  • A preference for a fast-paced environment with rapidly changing requirements and procedures
  • Strong attention to detail surrounding HIPAA compliance and security guidelines
  • 5 years experience with Information Security Program Risk Management
  • Growth-oriented perspective and open to taking on and owning new challenges
Do you feel like you don't have everything that's listed above? If you have some of the skills and experience that we’re looking for and are willing to use your talent to learn the rest, we encourage you to apply!
About Us
Flywheel is the leading research data platform that's transforming the way biomedical and imaging data are managed at leading life sciences, clinical, and academic institutions globally.
Flywheel provides a comprehensive research data solution with all the tools needed for curation, imaging processing, machine learning workflows, and secure collaboration. By leveraging cloud scalability and automating research workflows, Flywheel helps organizations scale research data and analysis, improve scientific collaboration, and accelerate discoveries.
Company Values
The alchemy of effective teamwork happens when we each take ownership of both the menial and the magical every day. We’re serious, but never stuffy. We keep our cool under pressure because we assume best intentions and maintain perspective. This allows for true teamwork, with a dash of irreverence.
We are tenacious and united in our pursuit of solving our customers’ biggest challenges, and no challenge is too big. Diverse backgrounds across our team make us more effective as we listen, absorb, collaborate, and iterate to innovate.
We’re obsessed with uncovering the why of any given. Having an open mind allows us to be quick to fail and quick to adapt. We relentlessly pursue continual improvement through learning and imagining new possibilities.
We’re fueled by grit, boundless energy, and a deep belief that we are doing cool shit. We don’t hesitate to stand up and speak out because we trust that through tough, honest discourse we can drive change and make a real difference for our customers and our mission.