Vericred has built the first multi-carrier, end-to-end quoting, enrollment and member management API solution for Health Insurance and Employee Benefits. With adoption from all of the major medical carriers and overwhelming traction from end-user-facing platforms, our Quoting and Enrollments APIs are set for massive growth and industry disruption.

At its core, Vericred is a technology and data company. Our position at the intersection of technology and health insurance and benefits makes information security a top priority for our team and our customers. Our Director of Security owns the entire information security program from strategic planning to tactical implementation. This person leads all elements of security including annual security audit, risk management, personnel security, physical office security, and protecting the data of our customers, team members, and organization in partnership with a security advisor, Director of Engineering and the Chief of Staff. 

In this role you will

• Serve as the primary point of contact for information security, risk, and compliance issues
• Ensure we maintain our existing certifications and adopt new ones when appropriate
• Oversee and manage the implementation, upgrade, and maintenance of security technologies
• Periodically reporting the status of the security program and maturity to C-level and Board
• Define how we tell and how we share Vericred’s security story with customers and other outside groups
• Lead incident response processes
• Oversee and coordinate information security audits
• Lead engineering-specific security and operations tasks including identity and access management, vulnerability management, incident response, IDS/IPS, firewall rule reviews, asset management, penetration tests, endpoint protection solutions, SIEM, and mobile device management
• Partner with our outsourced IT department to manage and ensure compliance of office networks and physical Vericred assets
• Partner with People and Operations teams on human resources and personnel related security needs
• Partner with Legal Team on contract reviews and vendor management plans to align with data security, regulatory, and compliance requirements
• Develop and maintain security awareness programs for all employees and contractors
• Contribute to engineering security reviews for new projects and enhancements, working with partners to develop appropriate risk mitigation strategies
• Advocate for information security across the organization, balancing security controls while supporting business initiatives
• Monitor threat environment and identify potential areas of vulnerability and risk; develop appropriate risk treatment options

About your skills and experience

• 7+ years in an information security role at a technology company, 2+ years managing security strategy, a security team and security-related project and work groups
• Experience implementing and managing a business environment that is compliant with SOC2, HIPAA, and HiTrust frameworks (PCI and ISO 27001 a plus)
• Working knowledge of Jamf, Aptible, Okta, Mimecast, and other common security tech stack systems
• Experience in cloud security and cloud-native environments. AWS and Heroku preferred.
• Exceptional communication skills and can easily move between technical and non technical audiences with clarity
• Experience working with cybersecurity vendors for formal security assessments and audits
• Strong understanding of system and network security principles and technology
• Bachelor's degree in Computer Science, Engineering or Information Technology or equivalent related work experience

What We Do

Vericred is the way health insurance carriers and employee benefits providers connect with new technology partners to deliver seamless quote-to-card consumer experiences. We are not the websites or apps you use to choose a plan or find a doctor. We are the infrastructure. We are the ‘pipes’ that simplify the complex exchange of quoting, enrollment and plan management data between carriers and the technology partners responsible for delivering health and employee benefits to hundreds of millions of Americans everyday. Our APIs transmit billions of data points between InsurTech and insurance carriers, powering digital distribution across the insurance industry. Come join the community of insurance geeks creating a seamless digital quote-to-card experience. 
 

Who we are

We are a group of people who love a good API and all it can do. We are benefits geeks that believe this industry will go through a digital transformation as others have. For efficiency. For better member experiences. To enable new and innovative products. A group that believes that simple data exchange is the key to a thriving industry.
We are connecting the insurance industry. Faster. Better. Awesomely.

Our benefits include

• Competitive salary
• 100% company paid medical and dental for you and your dependents
• Healthcare and dependent FSA
• 401K with matching
• Twice weekly catered lunches in office
• Unlimited snacks and drinks in-office
• Responsible PTO policy
• Flexible remote work policy
• Pre-tax commuting benefits
• fRYEday: Our end of week Rye tasting and happy hour ritual
• Stand-up desks
• Centrally located Headquarters on Madison Square Park and Omaha office in Old Mill neighborhood

We are an equal opportunity employer. We welcome people of different backgrounds, experiences, abilities and perspectives. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.

All offers of employment are contingent upon successful reference and background checks.