Compliance and Security Officer
Remote (USA)
Applications have closed
Marigold Health
Marigold Health is looking for our first Compliance & Information Security Specialist to design and oversee our compliance and security programs as we continue to grow the complexity of our organization and expand our product offerings. Our services, which include anonymized digital messaging across various platforms, are novel and require someone who is adaptive and well-versed to ensure we’re operating at the highest standards, and always maintaining the privacy and trust of our patient users. You will own policy design, implementation and internal auditing to mitigate risk in a rapidly changing regulatory environment. You will manage our certification processes, security questionnaires, and risk assessments with various private and public stakeholders. If you’re excited by the idea of architecting safe and compliant systems for a novel peer support program that supports patients normally overlooked by the system, we want to hear from you.
About Marigold
Marigold Health exists to give every person with a mental health or substance use condition a place to feel heard. We have designed an asynchronous-first treatment program where patients support each other. We believe peers, individuals in recovery themselves who have received training to support others, can empower and engage those least likely to interact with current forms of care.
If we jointly decide to move forward, you can plan to (virtually) attend a 45-60 minute video interview with the Chief Product Officer. The final stage would be to meet (2-4) other members of the team via video conference for additional conversations about your approach to collaboration, your relevant experience to current projects, and alignment with our values. All in, you can expect the time commitment for this stage to be 3-4 hours of synchronous interaction, scheduled to fit your needs.
If you complete interviews, we will provide a decision or clear next step within five business days. We are ready to hire as soon as we find the right candidate. We can’t wait to meet you!
More About Marigold
Marigold Health is an early-stage, rapidly growing startup providing services for a range of community-based mental health and substance use treatment providers as well as national health insurers. We collaborate with leading investigators at Brown University and Johns Hopkins and have been publicly recognized by the National Institute on Drug Abuse (NIDA) and the American Psychiatric Association.
Our program is a combination of 1-1 coaching and 24/7 anonymous chat support groups accessed over phone, SMS, and app/web. On the backend, proprietary natural language processing tools scale our peer workforce by augmenting group moderation, automating patient outreach, and sending sentiment-based “alerts” to coordinate care with other providers. Following strong results from our first clinical studies, we are entering a period of rapid growth, and expect to expand from 2 states today to 12 by this time next year. Our core values are authenticity, candor, and ambition. Inclusion is at the core of what we do. We’re working to bring care to the most underserved and stigmatized patients. We actively welcome applicants from a wealth of different backgrounds (including but not limited to race, gender, educational background, and sexual orientation). We must have diversity on our team and in our mindsets to be successful in moving the needle on the deeply entrenched and systematic challenges we face.
Marigold Health is an equal opportunity employer.
What You'll Do
- Draft compliance policies and establish safeguards
- Maintain auditable logs of sensitive business operations
- Lead company through relevant certifications (e.g. HITRUST, SOC2)
- Respond to client and external requests such as security and privacy diligence questionnaires, assessments and audits
- Conduct risk assessments and audits on internal processes, Business Associates, and other third parties
- Work with department heads to ensure access controls, disaster recovery, and incident policies are practical in day-to-day work settings
- Manage required security and privacy training for internal employees
- Assist in the management of current and future technology vendors
- Help enforce compliance and security best practices across the organization
- Inspect and test product iterations to quality & compliance specifications
Your Skills
- Minimum of 5 years of information security or compliance experience required
- Preferred professional certifications: CISSP, CCEP, CHC
- Expertise in HIPAA, state, and federal guidelines on privacy, transactions, and security
- Working knowledge of threat vectors in mobile, web, telecommunication, and physical environments
- Concise, understandable, and efficient writing skills and the ability to interact professionally with a diverse group of employees, clients and subject matter experts
- Outstanding negotiation, facilitation, and consensus building skills
Nice to have
- Experience working in mental health, SUD and/or digital, remote program delivery
- Experience in SOC2, PCI, or HITRUST audits
- Experience working in a high-growth startup environment
Who You Are
- Motivated by our mission to give every single patient with a mental health condition a unique voice
- Passionate about security, privacy, and compliance - handling protected health information is a serious responsibility
- Proactive in self-directing work to areas of high impact
- Methodical and organized despite an unstructured environment
- Scrappy, able to iterate on processes with existing resources
Reporting, Schedule and Location: This is a FT opportunity reporting to the Chief Product Officer. You can work remotely anywhere in the US. Most team members work virtually from home and are located on the east coast and internationally. If you prefer in-person work for any portion of the week, we currently have offices in Delaware and Massachusetts. You should expect to be available during east coast hours. Occasional travel to our offices and peer sites is also a part of this role, as COVID-19 protections ease. Travel costs will be covered by the company.
Why You'll Love This Role
- Be directly involved with saving lives by deploying a first-of-its-kind treatment model
- Have a scalable impact as we expand nationally, using our technology to expand Marigold’s reach
- Contribute to and gain expertise from a diverse, interdisciplinary team that includes clinicians, data scientists, and peer workers
Compensation, Benefits and Culture
- The base salary range for this role is $120-160K, depending on experience. As part of our founding team, this role will include ownership equity.
- Comprehensive healthcare coverage, including fully covered premiums for individuals (with the option to cover dependents for a cost) and a dedicated mental health benefit
- 4 weeks of PTO
- Computer and equipment provided
- Company travel budget and professional development budget