Technical Program Manager, Information Security

About Us

One Medical is a primary care solution challenging the industry status quo by making quality care more affordable, accessible and enjoyable. But this isn’t your average doctor’s office. We’re on a mission to transform healthcare, which means improving the experience for everyone involved - from patients and providers to employers and health networks. Our seamless in-office and 24/7 virtual care services, on-site labs, and programs for preventive care, chronic care management, common illnesses and mental health concerns have been delighting people for the past fifteen years.

In February 2023 we marked a milestone when One Medical joined Amazon. Together, we look to deliver exceptional health care to more consumers, employers, care team members, and health networks to achieve better health outcomes. As we continue to grow and seek to impact more lives, we’re building a diverse, driven and empathetic team, while working hard to cultivate an environment where everyone can thrive.

The Opportunity

One Medical, part of Amazon Health, is on a mission to reinvent and drive the future of healthcare. Security is an essential part of this mission as it earns and maintains customer trust. The Security Programs (PMO) team is looking to hire great people who are passionate about the future of healthcare, are excited about solving complex problems to protect our customers and are continually looking to raise the bar on security. 

We are currently looking for a Technical Program Management role to support our Information Security Teams, which includes the following: 

• Enterprise Security - Ensure that corporate network, laptops, and third-party vendors have the necessary security controls and maturity to protect corporate data and patient PHI and meet both industry (e.g. HIPAA) and financial (e.g. SOX) requirements.
• Product Security - Work with developers to build and maintain the necessary security into product and services to protect patient PHI, meet enterprise customer security expectations, and meet regulatory (e.g. HIPAA, SOX) requirements.
• Detection & Response - Manage and maintain services and tools to monitor, detect, prevent, and respond to unauthorized attempts to access customer PHI or corporate data and systems. Respond to security incidents and breaches.
• Security Engineering - Deploy and/or build tools to support information security capabilities. Focus on automation to allow the team to scale with company growth.

If you have a bias for action, customer obsession, and delight in making clarity from ambiguity, this might be the role for you. This position will require a broad set of skills including, but not limited to, authoring technical documentation consumed across the org, deep-diving new technologies, evaluating security posture and identifying mitigations, strategy development, and executive reporting. 

You will work directly with builders and leadership across One Medical Security, IT, Product, and cross-functional partners from One Medical and Amazon Health Services (AHS) businesses and Security, as well as subject matter experts in Legal, Privacy, and Compliance. 

What you’ll need: 

• 3+ years experience in a Technical Program Management function, managing complex security programs start to finish
• 3+ years Technical Project Management experience related to InfoSec, independently leading cross-functional projects with disparate stakeholders, effectively balancing priorities and making smart trade-offs.
• Delivering strategy & business review communications in a demanding reporting cycle/environment at the executive level & guiding discussion around them
• Excellent technical communication, writing and documentation skills, and ability to deliver to a wide audience
• Experience with comfortably interacting with and presenting to executive stakeholders
• 3+ years directing and coaching project managers to achieve program objectives
• Demonstrated ability to run an InfoSec program, supporting technical leads with program management, identifying resource needs, and providing visibility on program projects/initiatives to leadership & cross-functional stakeholders 
• Demonstrated ability to manage complex dependency management and identify risks, prioritizing mitigation efforts using risk management concepts.
• Evaluating potential risks and how to address them; be able to deliver high priority projects

Not required, but would be great if you have:

• Experience with Amazon’s Security Org/Amazon Leadership Principles 
• Experience in a Healthcare or Healthcare adjacent field

Benefits designed to aid your health and wellness:

Taking care of you today

• Paid sabbatical after 5 and 10 years
• Employee Assistance Program - Free confidential advice for team members who need help with stress, anxiety, financial planning, and legal issues
• Competitive Medical, Dental and Vision plans
• Free One Medical memberships for yourself, your friends and family
• Pre-Tax commuter benefits
• PTO cash outs - Option to cash out up to 40 accrued hours per year

Protecting your future for you and your family

• 401K match
• Opportunity to participate in company equity programs
• Credit towards emergency childcare
• Company paid maternity and paternity leave
• Paid Life Insurance - One Medical pays 100% of the cost of Basic Life Insurance
• Disability insurance - One Medical pays 100% of the cost of Short Term and Long Term Disability Insurance

This is a full-time remote role based in the United States. One Medical is committed to fair and equitable compensation practices. The base salary range for this role is $110,200 to $196,000 Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to skill set, depth of experience, certifications, and specific work location. The total compensation package for this position may also include RSUs, benefits and/or other applicable incentive compensation plans. For more information, visit https://www.onemedical.com/careers/

#LI-DNI

One Medical is an equal opportunity employer, and we encourage qualified applicants of every background, ability, and life experience to contact us about appropriate employment opportunities.

One Medical participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.  Please refer to the E-Verification Poster (English/Spanish) and Right to Work Poster (English/Spanish) for additional information.