🛠 Tech Stack

💼 About This Role

You'll own security governance, compliance, and IT operations for a healthtech infrastructure company connecting EHR systems. You'll build the security program from near-zero, drive SOC 2 and HIPAA audits, and influence engineering on security practices. This is a player-coach role with direct team-building within the first year.

🎯 What You'll Do

• Own security governance, compliance, and IT programs end-to-end
• Serve as Information Security and Privacy Officer for SOC 2 and HIPAA
• Set security standards for cloud security, access controls, and vulnerability management
• Build and develop the IT and workforce security program
• Lead vendor security, incident response, and annual tabletop exercises

📋 Requirements

• 8+ years of relevant security experience
• 3+ years in a security leadership role building a program from near-zero
• Owned a recurring external audit cycle (e.g., SOC 2, HIPAA) end-to-end
• Software engineering background to evaluate code and cloud configurations
• Experience hiring and developing senior security or IT individual contributors

✨ Nice to Have

• Has reshaped how a company engages with auditors or customer security teams
• Experience with SIEM, MDR, IDS/IPS, WAF, DLP, vulnerability scanners

🎁 Benefits & Perks

• 🏥 Full Medical, Dental, and Vision (up to 100% covered)
• 🏦 401K and commuter benefits
• 🌴 Flexible PTO
• 💡 High-impact work improving healthcare for millions
• 📈 Stock options

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter Screen· 30 min
2. 2Hiring Manager Interview· 45 min
3. 3Technical Interview· 60 min
4. 4Leadership Interview· 45 min