Head of Information Security Governance
Remote, United States, Canada
Datavant is a rapidly growing health information technology company with a mission to connect the world’s health data to improve patient outcomes. Datavant works to reduce the friction of data sharing across the healthcare industry by building technology that protects the privacy of patients while supporting the linkage of patient health records across datasets.By joining Datavant today, you’re stepping onto a highly collaborative, remote-first team that is passionate about creating transformative change in healthcare. We hire for three traits: we want people who are smart, nice, and get things done. We invest in our people and believe in hiring for high-potential and humble individuals who can rapidly grow their responsibilities as the company scales. Datavant is a distributed, remote-first team, and we empower Datavanters to shape their working environment in a way that suits their needs. Read more about our culture and benefits here!
Our Security Governance Teams have built strong programs based on NIST, CIS and attained multiple certifications, such as FedRAMP, SOC2+HITRUST and ISO27001 in strong collaboration with our Security Teams, Engineering Team and business teams.
As our Head of Information Security Governance you'll bring together our organization’s existing Security Risk Management, Audit & Certification, Third Party Risk Management and Customer Security Assurance programs into a single team, responsible for establishing Datavant as the most trustworthy company in healthcare technology. Your challenge will be to bring these teams together while raising the bar for our programs when it comes to streamlining processes, enabling our business to attain more certifications with minimal uplift while maintaining our high bar for compliance. Your experience and guidance will help foster a robust culture of security across multiple teams and help to instill the core value that everyone owns security at Datavant.
- Support, maintain and improve upon Datavant’s expanding Security Compliance Program, including technical Security Audits and Certifications, Third Party Risk Management, Security Risk Management and Customer Security Assurance.
- Build a strategic roadmap of frameworks and certifications, aligned on the needs of our customers and our businesses strategic roadmap.
- Support an existing team of exceptional practitioners while developing a plan and hiring for future needs.
- Partner with our engineering, information technology and business teams to help them identify solutions and controls that accelerate their impact to the business while meeting Security Compliance regulations, certifications and other requirements.
- Collaborate with our Engineering, IT and Security leadership to team align on priorities and risks.
- Accelerate our ability to attain and maintain certifications by up-leveling the efficiencies of our program. Leveraging compliance framework management tooling and processes.
- Partner with our Go To Market leaders and customers to understand trends and needs of our customers.
- Drive an improved model of customer engagement for security information, including a culture of industry collaboration, white papers, knowledge bases and self-service.
What you will bring to the table:
- Experience leading teams to implement and manage various security compliance regimes. (HITRUST, FedRAMP, ISO, SOC2 etc)
- Excellent analytical and problem-solving skills
- Experience growing professionals, mentoring and promoting strong performers.
- Excellent oral and written communication skills
- Defined team structures that unlock potential and establish accountability for team members.
- Driven, startup-ready, comfortable working in a fast-paced and remote environment
- Strong leader, able to work efficiently and independently without supervision.
- Working with Go to Market, Security and Auditor leaders
- Built efficient and scalable programs that are not dependent on spreadsheets or manual efforts.
We are committed to building a diverse team of Datavanters who are smart, nice, and get things done, where every Datavanter is empowered to bring their authentic self to their work. We are all responsible for stewarding a high-performance culture in which all Datavanters belong and thrive. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.
Our compensation philosophy is to be externally competitive, internally fair, and not win or lose on compensation. Salary ranges for this position are developed with the support of benchmarks (competitive San Francisco rates for US-based roles) and industry best practices.
We’re building a high-growth, high-autonomy culture. We rely less on job titles and more on cultivating an environment where anyone can contribute, the best ideas win, and personal growth is driven by expanding impact. This means we default to simple job titles (e.g., Software Engineer) rather than complex ones (e.g., Senior Software Engineer). The range posted is for a given job title, which can include multiple levels. Individual rates for the same job title may differ based on level, responsibilities, skills, and experience for a specific job. The estimated salary range for this role is [$X,XXX - $X,XXX].
At the end of this application, you will find a set of voluntary demographic questions. If you choose to respond, your responses will be anonymous and used to help us identify areas of improvement in our recruitment process. (We can only see aggregate responses, not individual responses. In fact, we aren’t even able to see if you’ve responded or not.) Responding is your choice and it will not be used in any way in our hiring process.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
., ., United States ., ., United States Full TimeExecutive Executive-levelUSD 48K - 90K * USD 48K+ *
Insider Threat Director - 100% US REMOTE ONLYAnalytics Compliance Governance Incident response Monitoring Risk assessment +3
401(k) matching Career development Competitive pay Equity Flex hours +5
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open o365 Security Architect jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Product Security Engineer jobs
- Open Security Researcher jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Governance-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open CISM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open EDR-related jobs