Trust & Compliance Analyst

Remote/United States / Remote/Canada / Remote/Mexico
Product – Info Security / Salaried, Full-Time / Remote

Who You Are
We are seeking a motivated Trust & Compliance Analyst with a solid foundation in information security and compliance frameworks to join our growing team. This role is ideal for a self-motivated individual with a technical background and a keen interest in the fields of software customer trust, compliance, and information security. The role involves analyzing, communicating, and improving our risk environment and system of controls, with a focus on alignment against key control frameworks and standards such as NIST 800-53, Trust Services Criteria, PCI-DSS 4.0, HIPAA, ISO 27017, and ISO 27701. The successful candidate will play a crucial role in reporting on control health, maturity, residual risk, and remediation status and will collaborate across teams to enhance our compliance posture.

What You Will Do

    • Understand, analyze, and report on the company's risk environment, system of controls, control health, maturity, residual risk, and remediation status.
    • Operate and contribute to the processes assessing alignment against key control frameworks and assurance standards, evangelizing their importance across the organization.
    • Maintain and continuously improve Trust Center content to support customer self-serve enablement and contribute to the creation and update of pre-filled questionnaires.
    • Facilitate and support periodic security reviews for vendors and system access, reporting on review status, deviations, and remediation efforts.
    • Collaborate with internal teams to maintain effective security testing, reporting, and remediation practices, including static and dynamic security testing and network penetration testing.
    • Engage in professional development opportunities, including completing specific product onboarding, security training, and certifications.

What We Are Looking For

    • Proactive self-starter with a strong technical aptitude and excellent problem-solving skills.
    • Exceptional written and verbal communication skills, with keen attention to detail.
    • Demonstrated ability to manage projects and tasks with minimal supervision, delivering results in a fast-paced environment.
    • Strong collaborative spirit, with the ability to work effectively across various teams and departments.
    • A history of self-managed results showcasing a commitment to continuous learning and improvement.
    • Bachelor’s degree in Information Security, Computer Science, or a related field, or equivalent experience.
    • Familiarity with security, tech, or engineering disciplines through diplomas, certifications, or relevant work experience.
    • 2-4 years of experience in information security, compliance, or a related field in a healthcare SaaS environment, with a solid understanding of compliance frameworks and standards.
    • Experience with Python, Bash, Ruby, or other scripting languages; familiarity with artificial intelligence, data analytics, cloud technologies, and IT operations.
    • Relevant certifications (e.g., CCSK, CISM, CISA, CISSP) are highly desirable.
    • An understanding of, or experience with, relevant security frameworks and standards.
    • Must be fluent in written and spoken English.

Bonus Points

    • A strong research background or contributions to security and tech communities (e.g., meetups, online forums, publications, open source projects).
    • Experience working on a software or DevOps team, including internships, co-op placements, or open-source projects.
    • Any additional certifications or training relevant to information security, such as CSA CCSK Plus or PortSwigger Web Security Academy Apprentice Path.

    • Salary Range: $70,000 - $100,000 USD/year
    • Plus a potential annual bonus of up to 5% of the salary.
    • This is a target starting cash range for a candidate who meets the minimum qualifications for this role. The final cash pay for this role will depend on a variety of factors, including a specific candidate’s experience, qualifications, skills, and projected impact.
    • ***This is a remote position***
Please submit your resume and a cover letter highlighting your relevant experience and interest in the Trust & Compliance Analyst role. Include any certifications, projects, or community involvement that demonstrate your competencies and assets for this position.