Information Security Manager (HIPAA)

Remote - United States

Quartet Health, Inc. logo
Quartet Health, Inc.
Apply now Apply later

Posted 2 weeks ago

Company Description:

Quartet is a platform that makes it easier for people to get the best mental health care for them. Our technology and services reach people who need care, connect them to the right care, track the quality of their care, and support their care journeys. Backed by $160.5MM in venture funding from top investors like Oak HC/FT, GV (formerly Google Ventures), F-Prime Capital Partners, Polaris Partners, Deerfield Management, Centene Corporation, and Echo Health Ventures, Quartet partners with health insurance plans and health systems in 32 states across the country to help people get the care they need.

We are deeply committed to growing a diverse team and an equitable and inclusive culture where all Quartetians are empowered to be themselves and do their best work. We know this is vital in realizing our mission to improve the lives of people with mental health conditions. As part of our commitment to building a diverse team, we have signed the Parity Pledge and actively encourage applicants of all backgrounds to apply.

About the team & Opportunity: 

You will join a growing Security Engineering team, tasked with managing (and more importantly) mentoring a team of 4 Security Engineers. In addition to helping shape Quartet's Security strategy, you'll work cross-functionally with teams (Engineering, Product, Legal) to ensure compliance from a technical perspective.

Qualifications:

  • 3+ years of people management experience (within an engineering or security-related role)
  • 3+ years working in a HIPAA/HITRUST compliant environment
  • Strong understanding of AWS and Cloud Security practices

Responsibilities:

  • Define and execute strategy for Quartet’s security risk management program to include organizational security, information technology, application security, and compliance.
  • Drives action through strong advocacy of the value of security.
  • Serve as cybersecurity risk and subject matter expert and advisor for senior management on emerging threats, attacks, vulnerabilities and security concerns.
  • Be aware of the developing security threats, and help the business understand the potential security implications related to ongoing projects or 3rd party vendors.
  • Lead annual SOC2 renewal and HITRUST certification
  • Ensure engineering teams are empowered with both the education and tools needed to incorporate security into development practices and automated build & deployment processes.
  • Communicate security policies and procedures to all personnel and monitor compliance.
  • Help build security awareness, education, and annual training for various Quartet business units.
  • Mature security processes to ensure our systems are monitored for security alerts, anomalies are tracked, and procedures followed when alerts triggered.
  • Drive collaboration on information security across the enterprise, including the legal, information technology, engineering, care navigation, sales, product management and finance.
  • Oversee the coordination of internal and external audits or assessments of platform or internal business practices.
  • Develop threat models and engage in ongoing development discussions on secure architecture
  • Manage and coordinate security incident response
  • Lead bi-weekly sprints, standups and grooming sessions.
  • Lead brown bag security topics and help build the security community of practice at Quartet.

Employee Benefits for Quartet include: Unlimited vacation, volunteer opportunities, team events, mental healthcare coverage of 15 free therapy sessions + unlimited copay reimbursements, medical, dental + vision coverage, generous parental and military leave, commuter benefits, 401K, and stock option grants.

Want to know what Quartet life is like? Click here to meet our team.

Quartet actively encourages applicants of all backgrounds to apply and is proud to be an equal opportunity employer. We do not discriminate on the basis of race, color, ancestry, religion, national origin, sexual orientation, age, citizenship, marital or family status, disability, gender, gender identity or expression, pregnancy or caregiver status, veteran status, or any other legally protected status. To perform this job successfully, an individual must be able to perform essential job duties -  reasonable accommodations may be made to enable qualified individuals with disabilities to perform essential job functions. If you require assistance in completing this application, interviewing, or otherwise participating in the employee selection process, please direct your inquiries to talent@quartethealth.com

Please note: Quartet interview requests and job offers only originate from quartethealth.com email addresses (e.g. jsmith@quartethealth.com). Quartet will also never ask for bank information (e.g. account and routing number), social security numbers, passwords, or other sensitive information to be delivered via email. If you receive a scam email or wish to report a security issue involving Quartet, please notify us at: security@quartethealth.com

Have someone to refer? Email talent@quartethealth.com to submit their details to us.

Job tags: Architecture Audits AWS Compliance Finance Google HIPAA HITRUST Incident response Military Risk management SOC2 Strategy Vulnerabilities
Job region(s): North America Remote/Anywhere
Job stats:  24  1  0
  • Share this job via
  • or