Head of Information Security Governance

Datavant is a rapidly growing health information technology company with a mission to connect the world’s health data to improve patient outcomes. Datavant works to reduce the friction of data sharing across the healthcare industry by building technology that protects the privacy of patients while supporting the linkage of patient health records across datasets.By joining Datavant today, you’re stepping onto a highly collaborative, remote-first team that is passionate about creating transformative change in healthcare. We hire for three traits: we want people who are smart, nice, and get things done. We invest in our people and believe in hiring for high-potential and humble individuals who can rapidly grow their responsibilities as the company scales. Datavant is a distributed, remote-first team, and we empower Datavanters to shape their working environment in a way that suits their needs. Read more about our culture and benefits here!

Our Security Governance Teams have built strong programs based on NIST, CIS and attained multiple certifications, such as FedRAMP, SOC2+HITRUST and  ISO27001 in strong collaboration with our Security Teams, Engineering Team and business teams. 

As our Head of Information Security Governance you'll bring together our organization’s existing Security Risk Management, Audit & Certification, Third Party Risk Management and Customer Security Assurance programs into a single team, responsible for establishing Datavant as the most trustworthy company in healthcare technology. Your challenge will be to bring these teams together while raising the bar for our programs when it comes to streamlining processes, enabling our business to attain more certifications with minimal uplift while maintaining our high bar for compliance. Your experience and guidance will help foster a robust culture of security across multiple teams and help to instill the core value that everyone owns security at Datavant.

You will:

• Support, maintain and improve upon Datavant’s expanding Security Compliance Program, including technical Security Audits and Certifications, Third Party Risk Management, Security Risk Management and Customer Security Assurance. 
• Build a strategic roadmap of frameworks and certifications, aligned on the needs of our customers and our businesses strategic roadmap.
• Support an existing team of exceptional practitioners while developing a plan and hiring for future needs.
• Partner with our engineering, information technology and business teams to help them identify solutions and controls that accelerate their impact to the business while meeting Security Compliance regulations, certifications and other requirements. 
• Collaborate with our Engineering, IT and Security leadership to team align on priorities and risks.
• Accelerate our ability to attain and maintain certifications by up-leveling the efficiencies of our program. Leveraging compliance framework management tooling and processes.
• Partner with our Go To Market leaders and customers to understand trends and needs of our customers. 
• Drive an improved model of customer engagement for security information, including a culture of industry collaboration, white papers, knowledge bases and self-service.

What you will bring to the table: 

•  Experience leading teams to implement and manage various security compliance regimes. (HITRUST, FedRAMP, ISO, SOC2 etc)
• Excellent analytical and problem-solving skills
• Experience growing professionals, mentoring and promoting strong performers.
• Excellent oral and written communication skills
• Defined team structures that unlock potential and establish accountability for team members.
• Driven, startup-ready, comfortable working in a fast-paced and remote environment
• Strong leader, able to work efficiently and independently without supervision.
• Working with Go to Market, Security and Auditor leaders
• Built efficient and scalable programs that are not dependent on spreadsheets or manual efforts. 

We are committed to building a diverse team of Datavanters who are smart, nice, and get things done, where every Datavanter is empowered to bring their authentic self to their work. We are all responsible for stewarding a high-performance culture in which all Datavanters belong and thrive. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.

Our compensation philosophy is to be externally competitive, internally fair, and not win or lose on compensation. Salary ranges for this position are developed with the support of benchmarks (competitive San Francisco rates for US-based roles) and industry best practices. 

We’re building a high-growth, high-autonomy culture. We rely less on job titles and more on cultivating an environment where anyone can contribute, the best ideas win, and personal growth is driven by expanding impact. This means we default to simple job titles (e.g., Software Engineer) rather than complex ones (e.g., Senior Software Engineer). The range posted is for a given job title, which can include multiple levels. Individual rates for the same job title may differ based on  level, responsibilities, skills, and experience for a specific job. The estimated salary range for this role is  [$X,XXX - $X,XXX].

At the end of this application, you will find a set of voluntary demographic questions. If you choose to respond, your responses will be anonymous and used to help us identify areas of improvement in our recruitment process. (We can only see aggregate responses, not individual responses. In fact, we aren’t even able to see if you’ve responded or not.) Responding is your choice and it will not be used in any way in our hiring process.