Security and Compliance Manager
Austin or Remote
Join Our Mission to Revolutionize Healthcare
Thoughtful AI is pioneering a new approach to automation for all healthcare providers! Our AI-powered Revenue Cycle Automation platform enables the healthcare industry to automate and improve its core business operations.
We are seeking an experienced Security and Compliance Manager to lead our information security initiatives and ensure compliance with industry regulations.
The ideal candidate will have a strong background in cybersecurity, risk management, and regulatory compliance, particularly in managing SOC 2 audits. This role will collaborate closely with internal teams and external stakeholders to strengthen our security posture and support our sales efforts by addressing customer security concerns.
Join us to transform how leading healthcare companies operate.
Your Responsibilities
Maintain Security and Compliance Posture
- SOC 2 Audit Leadership: Lead and orchestrate SOC 2 audit processes, ensuring thorough planning, execution, and reporting.
- Policy Development: Architect, implement, and maintain information security policies, procedures, and controls to strengthen organizational defenses.
- Risk Assessments: Execute risk assessments and vulnerability analyses to identify and mitigate potential security threats.
- Incident Response: Monitor and respond to security incidents and breaches, ensuring swift resolution and thorough documentation.
- Regulatory Compliance: Collaborate with internal and external stakeholders to ensure compliance with regulatory requirements and industry best practices.
- Employee Training: Design and deliver training programs to educate employees on information security policies and procedures.
- Trend Analysis: Analyze emerging security trends, threats, and technologies, and recommend enhancements to the security program.
- Reporting: Create and present data-driven reports on the information security program status to senior management.
Sales Security Advisory
- Sales Support: Support the Sales team by conducting security and IT reviews with customers, addressing their concerns, and showcasing our robust security measures.
- Alignment with Standards: Align sales materials and presentations with industry security standards and customer compliance requirements.
- Strategic Collaboration: Collaborate with sales teams to ensure security is a key factor in customer acquisition and retention strategies.
Cybersecurity Strategy and Risk Management Advisory
- Strategy Development: Lead the development and execution of comprehensive cybersecurity strategies aligned with industry standards and regulatory requirements.
- Risk Management: Advise leadership on risk management and security governance to protect Thoughtful AI’s assets and data.
- Policy Enforcement: Ensure compliance with security policies, regulations, and best practices across the organization.
- Incident Oversight: Oversee incident response planning and execution, minimizing the impact of security breaches.
Your Qualifications
- Education: Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field.
- Experience: 10 years of work experience, with 5+ years in security compliance or audit-related roles within the tech industry. Experience managing security compliance audits of cloud environments and experience with HIPAA, HITECH, and HITRUST is a plus.
- Certifications: Preferred certifications include CISSP, CISM, CRISC, CISA, and CSA Cloud platforms (AWS, Azure, or GCP).
- Technical Expertise: Strong understanding of cloud environments, on-prem systems, and managing access in an IT environment.
- Compliance Tools: Experience with compliance platforms such as Thoropass, Vanta, etc., is a plus.
- Communication & Collaboration Skills: Excellent written and verbal communication skills. Comfortable working in a small team with cross-organizational responsibilities.
Why Thoughtful?
- Competitive Compensation: We offer a competitive salary aligned with industry standards.
- Equity Participation: Employee Stock Options to share in the company's success.
- Health Benefits: Comprehensive medical, dental, and vision insurance to keep you and your family healthy.
- Time Off: Generous leave policies and paid company holidays to ensure work-life balance.
- Innovative Environment: Work with cutting-edge AI technologies in the healthcare sector.
California Salary Range $175,000—$250,000 USD Apply
Job Profile
Competitive compensation Competitive salary Employee stock options Equity participation Generous leave policies Health benefits Paid company holidays
Tasks- Advise on risk management
- Analyze security trends
- Collaborate
- Create reports for management
- Design employee training programs
- Develop cybersecurity strategies
- Develop information security policies
- Ensure regulatory compliance
- Execute risk assessments
- Lead SOC 2 audit processes
- Monitor security incidents
- Support sales team with security reviews
AI Automation AWS Azure Cloud environments Cloud platforms Collaboration Communication Compliance tools Cybersecurity Cybersecurity strategy Employee Training GCP HIPAA HITECH HITRUST Incident Response Information security policies Regulatory Compliance Reporting Risk assessments Risk Management Sales security advisory SOC 2 audits Trend Analysis
Experience10 years
EducationBachelor's degree in Computer Science Bachelor's Degree in Cybersecurity Bachelor's degree in information security Bachelor’s Degree in Related Field
Certifications TimezonesAmerica/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9