Security Risk, PM
Remote
About us:
Grow Therapy is on a mission to serve as the trusted partner for therapists growing their practice, and patients accessing high-quality care. Powered by technology, we are a three-sided marketplace that empowers providers, augments insurance payors, and serves patients. Following the mass increase in depression and anxiety, the need for accessibility is more important than ever. To make our vision for mental healthcare a reality, we’re building a team of entrepreneurs and mission-driven go-getters. Since launching in February 2021, we’ve empowered more than ten thousand therapists and hundreds of thousands of clients across the country and insurance landscape. We’ve raised more than $178mm of funding from Sequoia Capital, Transformation Capital, TCV, SignalFire, and others.
What You’ll Be Doing:
Grow Therapy is seeking an experienced Security Risk, PM to join our growing, remote-friendly Security team. This is the first role of its kind at Grow, and reports directly to our Head of Security.
This is a hands-on role, and is responsible for building and owning Grow’s Security compliance and risk management program. This position will be part of a growing group of security, legal, and compliance experts across the company and work with technology, legal and business partners to meet our risk management needs.
This role must collaborate effectively with development, engineering, and operations counterparts as well as internal and external partners to identify, articulate, prioritize, manage, and monitor security risks to protect Grow data, services, and information assets.
Responsibilities:
- Develop, implement, mature, and champion risk management processes and concepts.
- Deploy the risk management framework, processes, and tools to conduct risk assessments effectively and consistently.
- Conduct third-party risk assessments and security reviews of third-party vendors/suppliers.
- Work closely with technology and legal partners and business units to ensure appropriate security and data protection requirements are incorporated into third-party engagements.
- Conduct risk assessments of business units, critical processes and information assets.
- Partner with Legal and Compliance to prepare Grow for external audits and certifications (e.g HIPAA, SOC 2)
- Manage our security risk posture and define and report key risk metrics to management on a regular basis
You’ll be a good fit if you have:
- A minimum of 7 years of experience in information security risk management, including risk assessment and treatment, risk metrics and trend analysis
- Experience building and implementing Third Party Security Risk Assessment (TPSRA) programs.
- Strong knowledge of healthcare security and data privacy standards and regulations such as HIPAA, HITRUST, GDPR, CCPA, etc.
- Strong analytical and problem-solving skills.
- Strong written and verbal communication skills, building strong relationships at all levels of the organization from executives to project teams.
- Detail oriented and highly organized, with the ability to thrive in a fast-paced environment and prioritize accordingly.
- Knowledge of how to use data to influence program strategy and tell compelling stories about organizational effectiveness and impact.
Salary range: $127,000 - $166,000
If you don’t meet every single requirement, but are still interested in the job, please apply. Nobody checks every box, and Grow belives the perfect candidate is more than just a resume.
Benefits
- The chance to drive impact within the mental healthcare landscape from day one
- Comprehensive health insurance plans, including dental and vision
- Our dedication to mental health guides our culture. Wellness benefits include (but are not limited to):
- Flexible working hours and location (remote OR in-office, your choice!)
- Flexible Time Off
- Company-wide winter break
- Mental health mornings (2 hours each week)
- Team meditation
- Wellness Stipend
- In-office lunch and biweekly remote lunch on us!
- Continuous learning opportunities
- Competitive salary
- The opportunity to help build a rapidly scaling start-up organization by taking strong ownership of your work, mentorship, and our unbounded leadership opportunities
#LI-REMOTE
Grow Therapy is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
ApplyJob Profile
Competitive salary Comprehensive health insurance Continuous learning Continuous learning opportunities Flexible time off Flexible working hours Health insurance Mental health mornings Mentorship Remote work options Wellness benefits Wellness stipend
Tasks- Conduct risk assessments
- Develop risk management processes
- Manage security risk posture
- Prepare for audits and certifications
Analysis Analytical CCPA Communication Data analysis Data privacy GDPR Healthcare HIPAA HITRUST Information security Marketplace Problem-solving Relationship building Risk Assessment Risk Management
Experience7 years
Education Certifications TimezonesAmerica/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9