🛠 Tech Stack

💼 About This Role

You'll own NexHealth's security governance, compliance, and IT programs end-to-end, partnering with engineering, legal, and leadership. You'll drive the next phase of our security and compliance program, building your team from the ground up. This is a player-coach role with real hands-on expectation in year one at a fast-growing health-tech startup.

🎯 What You'll Do

• Own security governance, compliance, and IT programs end-to-end
• Set security standards across application, cloud, and access controls
• Build and develop IT and workforce security programs
• Own vendor security intake, assessment, and oversight
• Lead incident response and run annual tabletop exercises

📋 Requirements

• 8+ years of security experience including 3+ years in a leadership role
• Has built a security program from near-zero baseline at least once
• Owned a recurring external audit cycle end-to-end (e.g., SOC 2, HIPAA)
• Software engineering background to read PRs and evaluate cloud configs
• Experience hiring and developing senior security or IT individual contributors

✨ Nice to Have

• Hands-on experience with SIEM, MDR, IDS/IPS, WAF, DLP, and vulnerability scanners
• Has reshaped how a company engages with auditors or customer security teams

🎁 Benefits & Perks

• 🏖️ Flexible PTO
• 🩺 Full Medical, Dental, and Vision (up to 100% covered)
• 💰 Stock options
• 🏦 401K and commuter benefits
• 🌍 High-impact work improving healthcare for millions

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter Screen· 30 min
2. 2Hiring Manager Interview· 60 min
3. 3Technical Interview· 60 min
4. 4Leadership Interview· 45 min
5. 5Offer· N/A