Information Security & Compliance Manager, Tomorrow Health

$170-212.5k

Plus equity

React
AWS
Docker
Python
GraphQL
Terraform
Senior level
Remote in US
Tomorrow Health

Technology-driven home healthcare management

Job no longer available

101-200 employees

Healthcare, B2C, Personal health, Marketplace, SaaS, eCommerce, MedTech

Company mission

Tomorrow Health's mission is to reimagine healthcare in the home.

Role

Who you are

  • 5+ years of experience in security and compliance roles, preferably in the healthcare technology industry
  • Strong understanding of SOC 2, HITRUST, HIPAA, and other relevant regulatory requirements
  • Deep understanding of modern technology infrastructure necessary to drive secure development patterns and practices, and experience with modern cloud-based technology stacks
  • Proven track record of successfully obtaining and maintaining security certifications
  • Demonstrated ability to develop and implement security and compliance programs from the ground up
  • Excellent project management skills with the ability to prioritize tasks and manage multiple projects simultaneously
  • Bachelor's degree in Information Security, Computer Science, or a related field, or equivalent industry experience
  • Relevant certifications such as CISSP, CCSFP, CISM, or CompTIA Security+ are a plus
  • Knowledge of Medicare and Medicaid regulations, and/or experience working with health insurance plans, is a plus
  • Experience with AWS/Aptible, Terraform, Docker, Python, React, and GraphQL/REST is an added benefit

What the job involves

  • We are seeking an experienced Information Security & Compliance Manager to join our team. Reporting to the Sr. Director of Engineering, the Information Security & Compliance Manager will play a crucial role in building Tomorrow Health’s security and compliance program
  • You will be responsible for leading efforts to obtain various certifications such as SOC 2 and HITRUST, supporting customer diligence questionnaires and ongoing audits, and overall ensuring that Tomorrow Health achieves and maintains excellence in security and compliance
  • Collaborate with cross-functional leaders to craft and implement the company's security and compliance strategy
  • Develop, manage, and execute the security and compliance program in alignment with organizational goals and objectives
  • Drive the development of policies, procedures, and controls to mitigate security risks and ensure compliance with industry standards and regulations
  • Lead efforts to obtain certifications such as SOC 2 and HITRUST, including coordinating with external auditors and internal stakeholders, reporting progress to leadership, and maintaining certification standards on an ongoing basis
  • Complete regular internal risk assessments and audits, reporting on status and progress to leadership and recommending steps to improve our posture
  • Manage and prioritize security and compliance initiatives based on risk assessment and business needs, and advise the team of pragmatic mitigation strategies
  • Lead regular tabletop exercises and drills for critical processes such as incident response, data backup, and disaster recovery procedures. Work with teams to continually improve their incident response processes
  • Build repeatable internal processes to manage vendors across the organization, monitor compliance, and remediate vulnerabilities
  • Provide expertise and guidance on HIPAA practices and other relevant regulatory requirements
  • Support customer diligence questionnaires and ongoing audits by ensuring compliance with relevant standards and regulations
  • Serve as the primary point of contact for security and compliance-related inquiries from internal and external stakeholders
  • Foster a culture of security and compliance awareness throughout the organization. Work with team leaders to “shift left” and distribute security and compliance responsibility throughout the organization
  • Monitor industry trends and developments to ensure the company's security and compliance practices remain current and effective

Otta's take

Sam Franklin

CEO of Otta

Tomorrow Health is one of a significant number of startups operating in the healthcare space. The platform allows carers and patients, those homebound permanently, recovering from surgery or living with chronic conditions, to find durable medical equipment. It also coordinates the logistical issues between payers and insurance providers and takes care of home delivery.

An advantage for users is that it goes further than simply being an online shopping platform for medical supplies, by also using key data to find the most suitable products based on location, insurance coverage, and product specialization. It's also not just targeting patients and their unpaid carers, but healthcare providers as well. The company has made good progress in this regard by partnering up with Medicaid company Geisinger Health.

The global health tech space is booming, expected to reach a whopping $1.5 trillion USD by 2030. This means that there’s plenty of competition for the Andreessen Horowitz-backed startup. It plans to expand its team with strategic business development, finance, and operations hires to keep on top of the competition.

Insights

Many candidates hear back within 2 weeks

23% employee growth in 12 months

Company

Funding (last 2 of 3 rounds)

Jun 2022

$60m

SERIES B

Apr 2021

$25m

SERIES A

Total funding: $92.5m

Company benefits

  • Medical, dental and vision coverage including HSA and FSA access, fully covered membership in One Medical for on-demand primary care, and Teladoc for 24/7 virtual care
  • Unlimited paid time off
  • Monthly hosted events including happy hours, virtual educational trainings and panels, game nights, and company outings
  • Work remotely in the U.S. or in our New York office
  • Full Mac setup and reimbursements

Company values

  • Fight like hell for patients
  • Change the system from within
  • Report to the goal
  • Be the catalyst
  • Work hard, and work smart
  • Do more with less
  • Assume best intent
  • Aim high and dream big

Company HQ

NoMad, New York, NY

Founders

Gabriel Flateman

(Board Member)

Studied Music at Brown. Cofounded Consignd. Cofounded and served as CTO of Casper for 5 years. Current Founding Partner of Summer.

Studied Economics and MBA at Harvard. Started career as Media Communications Officer at Obama for America. Worked at Goldman Sachs for 4 years, promoted from Quantitative Investment Strategist to Private Equity group. Was on the Board of Advisors for Dallas Regional Chamber. Worked for 3 years in 3 roles at Oscar Health, leaving as Senior Director of Care Innovation.