Director of Security (US Remote)
About Eden Health
Eden Health is a nationally recognized medical practice on a mission to create a world where every person has a relationship with a trusted healthcare provider. Working with employers across the country, Eden Health offers employees 24/7 digital care, same-day in-person primary care, mental health services, physical therapy, and benefits navigation. The Eden Health team is driven by a patient-centric approach, delivering relationship-based collaborative care. With this model, our clients have healthier workforces, increased productivity, and reduced healthcare costs. We are committed to diversity, equity, and integrity, and our teams reflect this. Our hope at Eden Health is to create an environment where each person can do the best and most important work in their careers.
What you will be doing
This is a highly visible leadership role with a potential for immense impact across the entire organization. The role sits at the intersection of Technical Operations and Compliance, which means it’s a mix of hands-on technical implementation and compliance wizardry with frameworks such as SOC 2 Type 2, NIST CSF, and HITRUST. The Director of Security will own the cybersecurity and security compliance functions necessary for the core business systems and processes to function. Although this role is expected to take ownership of these domains, the cybersecurity function at Eden is by no means a single-person effort and will be empowered by Eden’s leadership to effect cross-functional improvements across the organization.
What success looks like
- Build and maintain a world-class security program which meets organizational, regulatory, and customer obligations.
- Build a security team and train them and the extended security team (including engineering, devops, and IT) with respect to the security program.
- Manage the SOC 2 and HITRUST compliance program including oversight of the gap remediation, ongoing evidence collection, and audit evidence submission processes.
- Report security metrics to the leadership to keep them aware of the progress of the security program and the current state of the security posture.
What you will bring
- 5-6 years of experience implementing and leading security programs in organizations heavily invested in cloud-based infrastructure (preferably in a healthcare setting using AWS).
- Track record of working with external auditors and successfully obtaining SOC 2 and similar attestations / certifications (e.g. HITRUST).
- Experience discussing security posture and nuances with customers and organization leadership.
- Ability to boil down complex security concepts for a non-technical and non-security-savvy audience.
- Hands-on experience with cloud-based infra and security tools.
- Security certifications, such as CISSP, CISA, and CISM, are a nice-to-have, but experience in the role is preferred.
Why Eden Health?
- Remote first company and culture
- Series C Healthtech startup with a mission-driven team that's passionate about helping every person have a relationship with a trusted healthcare provider
- Competitive salary and equity compensation package
- Medical, dental, and vision insurance and commuter benefits
- Dedicated Culture Committee led by CEO
- Learning and development budgets to help you grow and bond with your team
- Positive, inclusive, supportive culture cheering you on your journey
- Strong and quickly growing client base of America’s leading employers
About our Tech
- React 16.13 + TypeScript 4.0
- React Native 0.63 + TypeScript 4.0
- Python 3.7
- Clojure 1.10
- Postgres 12
- AWS
While the majority of Eden Health positions are remote-first, we are a company that values building trusted relationships. To achieve this, we have programming and events which require us to be in person, including team and company-wide meetings. To ensure everyone's safety, we require all employees to be fully vaccinated against COVID-19, subject to reasonable accommodations for medical conditions or sincerely held religious beliefs. If you have additional questions, your Talent Partner will be able to answer them.
Eden Health is an equal opportunity employer and encourages all applicants from every background and life experience without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
Please note: Eden Health interview requests and job offers only originate from edenhealth.com email addresses (e.g. jsmith@edenhealth.com). Eden Health will never ask for bank information (e.g. account and routing number), social security numbers, passwords, or other sensitive information to be delivered via email. If you receive a scam email or wish to report a security issue involving Eden Health, please notify us at: security@edenhealth.com.