ExlService Holdings , Inc.
AVP-Cyber-Healthcare security
ExlService Holdings , Inc., Jersey City, New Jersey, United States, 07390
Job Description
AVP - Cybersecurity
is responsible for overseeing cybersecurity operations and strategy within EXL Health and Life Sciences business units. This role ensures Confidentiality, Integrity, and Availability of information assets, particularly sensitive data (PHI). This role also involves implementing standards and security policies that are maintained and managing technical implementation projects.
Responsibilities
The roles responsibilities involves, manages application security, infrastructure security, SOC operations, incident response, and third-party risk management. With 10+ years in information security and at least 5 years in progressive leadership roles, you bring the proven ability to build resilient security programs, lead high-performing teams, and serve as a trusted advisor. Your background in regulated environments, including HIPAA/HITECH, combined with recognized security certifications, sets you apart. If you're ready to drive security in healthcare technology.
Major Deliverables: Conduct enterprise risk assessments and develop mitigation strategies. Ensure compliance with federal, state, and industry regulations governing PII, PHI, and other sensitive data. Coordinate security audits, vendor risk assessments, and penetration testing. Integrate security into business processes, product development, and IT operations, including DevSecOps practices. Overseeing all aspects of information security, including application security, infrastructure security and third-party risk management Serve as the primary escalation point for security events, coordinating containment, investigation, and post-incident reviews. Serving as a trusted advisor to executive leadership on security posture, risk, and enterprise resilience Defining and executing the company's security strategy aligned with business objectives - building a proactive security posture that protects systems, data, and customers Leading major incident response efforts, from technical containment to executive and board-level communications Partnering with IT, DevOps, and business units to embed security into technology, systems, and business processes Managing SOC operations, threat detection, and secure design of systems, applications, and cloud environments (AWS, Azure) Ensuring adherence to leading security and compliance frameworks, including HIPAA, HITECH, FedRAMP, SOC 2, ISO 27001, and PCI DSS Supporting compliance teams by providing technical security expertise during audits and assessments Provide technical consultation and training to IT and business teams on secure design and operational practices. Foster a culture of security awareness through focused training programs. Qualifications
Minimum Requirements:
Minimum of 10 years of experience in cybersecurity, with deep expertise in healthcare regulations such as HIPAA, HITECH, and HITRUST Equivalent experience or a degree in cybersecurity, information systems, or a related field. Advanced certifications (e.g., CISSP, CISM) or degrees are highly desirable Proven success in shaping and executing security strategies and initiatives that improve patient data protection, regulatory alignment, and secure care delivery Strong executive communication and facilitation skills, with experience leading workshops, building consensus, and influencing senior stakeholders Demonstrated ability to lead cross-functional engagements, drive alignment, and proactively contribute to strategic opportunities Familiarity with Generative AI (e.g., Copilot, Gemini) and its implications for security, governance, and risk management Experience with agile methodologies, design thinking, and collaborative solution development Ability to conduct market research and translate insights into actionable security strategies and content Strong collaboration, influencing, and negotiation skills, with a relentless focus on customer success Enjoyment from working in a fast-paced, dynamic environment where initiative and assertiveness are key Passion for mentoring, sharing knowledge, and contributing to a culture of continuous learning Research and evaluate emerging privacy technologies from academia and industry, contributing to open-source tools and AI privacy standards Act as consultant and advocate for privacy best practices as central to our mission of Responsible AI Preferred Qualifications:
Strong communicator with the ability to positively influence engineers, developers, architects, and business leaders alike Thoughtful, pragmatic, and able to execute in a high-velocity, agile environment Deeply collaborative and experienced at embedding security into developer culture Track record of reducing risk without slowing down innovation Being articulate and precise to the internal stakeholders who are seeking counsel on what are the risks, why are they impactful, and options on how to resolve them Broad knowledge across the Security domain, as well as demonstrated focus in AI security evaluations and in one (or more) areas of Cybersecurity such as Red Teaming, Purple Teaming, Vulnerability Research, and Exploitation Master's degree (or foreign degree equivalent) in Information Systems Engineering, Computer Science, Engineering, Information Security, Cyber Security, Information Assurance, or related field
About Us
EXL (NASDAQ: EXLS) is a leading data analytics and digital operations and solutions company. We partner with clients using a data and AI-led approach to reinvent business models, drive better business outcomes and unlock growth with speed. EXL harnesses the power of data, analytics, AI, and deep industry knowledge to transform operations for the world's leading corporations in industries including insurance, healthcare, banking and financial services, media and retail, among others. EXL was founded in 1999 with the core values of innovation, collaboration, excellence, integrity and respect. We are headquartered in New York and have more than 54,000 employees spanning six continents. For more information, visit www.exlservice.com.
EXL never requires or asks for fees/payments or credit card or bank details during any phase of the recruitment or hiring process and has not authorized any agencies or partners to collect any fee or payment from prospective candidates. EXL will only extend a job offer after a candidate has gone through a formal interview process with members of EXL's Human Resources team, as well as our hiring managers.
About the Team
EXL is the indispensable partner for leading businesses in data-led industries such as insurance, banking and financial services, healthcare, retail and logistics. We bring a unique combination of data, advanced analytics, digital technology and industry expertise to help our clients turn data into insights, streamline operations, improve customer experience, and transform their business. Our partnerships with clients are built on a foundation of collaboration - and we've been chosen as a partner by nine of the top ten leading US insurance companies, nine of the top 20 global banks, and six of the top ten US health care payers. We function as one team to make your goals our goals, whether that's unlocking the value of generative AI or embedding analytics into workflows that reduce risk or power your growth. Clients choose EXL as their transformation partner for many reasons. Our geographic diversity make talent all over the world instantly accessible. Digital accelerators enable unmatched speed-to-value, letting you realize results fast. It's our people that truly set us apart, though, including the 1,500 data scientists we have dedicated to our generative AI practice. And our more than twenty years of experience in delivering business services, garnering stellar client references, and maintaining a solid balance sheet are reassuring to our C-suite clients. Find out for yourself why clients, employees, and analysts think we're some of the best in the business. Contact us to see how we can help you achieve your goals.
AVP - Cybersecurity
is responsible for overseeing cybersecurity operations and strategy within EXL Health and Life Sciences business units. This role ensures Confidentiality, Integrity, and Availability of information assets, particularly sensitive data (PHI). This role also involves implementing standards and security policies that are maintained and managing technical implementation projects.
Responsibilities
The roles responsibilities involves, manages application security, infrastructure security, SOC operations, incident response, and third-party risk management. With 10+ years in information security and at least 5 years in progressive leadership roles, you bring the proven ability to build resilient security programs, lead high-performing teams, and serve as a trusted advisor. Your background in regulated environments, including HIPAA/HITECH, combined with recognized security certifications, sets you apart. If you're ready to drive security in healthcare technology.
Major Deliverables: Conduct enterprise risk assessments and develop mitigation strategies. Ensure compliance with federal, state, and industry regulations governing PII, PHI, and other sensitive data. Coordinate security audits, vendor risk assessments, and penetration testing. Integrate security into business processes, product development, and IT operations, including DevSecOps practices. Overseeing all aspects of information security, including application security, infrastructure security and third-party risk management Serve as the primary escalation point for security events, coordinating containment, investigation, and post-incident reviews. Serving as a trusted advisor to executive leadership on security posture, risk, and enterprise resilience Defining and executing the company's security strategy aligned with business objectives - building a proactive security posture that protects systems, data, and customers Leading major incident response efforts, from technical containment to executive and board-level communications Partnering with IT, DevOps, and business units to embed security into technology, systems, and business processes Managing SOC operations, threat detection, and secure design of systems, applications, and cloud environments (AWS, Azure) Ensuring adherence to leading security and compliance frameworks, including HIPAA, HITECH, FedRAMP, SOC 2, ISO 27001, and PCI DSS Supporting compliance teams by providing technical security expertise during audits and assessments Provide technical consultation and training to IT and business teams on secure design and operational practices. Foster a culture of security awareness through focused training programs. Qualifications
Minimum Requirements:
Minimum of 10 years of experience in cybersecurity, with deep expertise in healthcare regulations such as HIPAA, HITECH, and HITRUST Equivalent experience or a degree in cybersecurity, information systems, or a related field. Advanced certifications (e.g., CISSP, CISM) or degrees are highly desirable Proven success in shaping and executing security strategies and initiatives that improve patient data protection, regulatory alignment, and secure care delivery Strong executive communication and facilitation skills, with experience leading workshops, building consensus, and influencing senior stakeholders Demonstrated ability to lead cross-functional engagements, drive alignment, and proactively contribute to strategic opportunities Familiarity with Generative AI (e.g., Copilot, Gemini) and its implications for security, governance, and risk management Experience with agile methodologies, design thinking, and collaborative solution development Ability to conduct market research and translate insights into actionable security strategies and content Strong collaboration, influencing, and negotiation skills, with a relentless focus on customer success Enjoyment from working in a fast-paced, dynamic environment where initiative and assertiveness are key Passion for mentoring, sharing knowledge, and contributing to a culture of continuous learning Research and evaluate emerging privacy technologies from academia and industry, contributing to open-source tools and AI privacy standards Act as consultant and advocate for privacy best practices as central to our mission of Responsible AI Preferred Qualifications:
Strong communicator with the ability to positively influence engineers, developers, architects, and business leaders alike Thoughtful, pragmatic, and able to execute in a high-velocity, agile environment Deeply collaborative and experienced at embedding security into developer culture Track record of reducing risk without slowing down innovation Being articulate and precise to the internal stakeholders who are seeking counsel on what are the risks, why are they impactful, and options on how to resolve them Broad knowledge across the Security domain, as well as demonstrated focus in AI security evaluations and in one (or more) areas of Cybersecurity such as Red Teaming, Purple Teaming, Vulnerability Research, and Exploitation Master's degree (or foreign degree equivalent) in Information Systems Engineering, Computer Science, Engineering, Information Security, Cyber Security, Information Assurance, or related field
About Us
EXL (NASDAQ: EXLS) is a leading data analytics and digital operations and solutions company. We partner with clients using a data and AI-led approach to reinvent business models, drive better business outcomes and unlock growth with speed. EXL harnesses the power of data, analytics, AI, and deep industry knowledge to transform operations for the world's leading corporations in industries including insurance, healthcare, banking and financial services, media and retail, among others. EXL was founded in 1999 with the core values of innovation, collaboration, excellence, integrity and respect. We are headquartered in New York and have more than 54,000 employees spanning six continents. For more information, visit www.exlservice.com.
EXL never requires or asks for fees/payments or credit card or bank details during any phase of the recruitment or hiring process and has not authorized any agencies or partners to collect any fee or payment from prospective candidates. EXL will only extend a job offer after a candidate has gone through a formal interview process with members of EXL's Human Resources team, as well as our hiring managers.
About the Team
EXL is the indispensable partner for leading businesses in data-led industries such as insurance, banking and financial services, healthcare, retail and logistics. We bring a unique combination of data, advanced analytics, digital technology and industry expertise to help our clients turn data into insights, streamline operations, improve customer experience, and transform their business. Our partnerships with clients are built on a foundation of collaboration - and we've been chosen as a partner by nine of the top ten leading US insurance companies, nine of the top 20 global banks, and six of the top ten US health care payers. We function as one team to make your goals our goals, whether that's unlocking the value of generative AI or embedding analytics into workflows that reduce risk or power your growth. Clients choose EXL as their transformation partner for many reasons. Our geographic diversity make talent all over the world instantly accessible. Digital accelerators enable unmatched speed-to-value, letting you realize results fast. It's our people that truly set us apart, though, including the 1,500 data scientists we have dedicated to our generative AI practice. And our more than twenty years of experience in delivering business services, garnering stellar client references, and maintaining a solid balance sheet are reassuring to our C-suite clients. Find out for yourself why clients, employees, and analysts think we're some of the best in the business. Contact us to see how we can help you achieve your goals.