Job Details
We are looking for a seasoned Security Architect to ensure proper technology risk and security considerations here at SiteRx. Were based in New York City, and the position can be initially remote but expected to lead the team based out of the NYC office.
We are seeking an experienced security officer to create and manage business-aligned IT security, risk, and compliance programs by developing, documenting, implementing, and maintaining comprehensive security compliance and privacy frameworks. If you are a curious, motivated person and are looking to make an immediate impact at an exciting, hyper-growth startup that is making significant positive changes in peoples lives, please get in touch!
****Our Mission****
We are empowering the fight to cure Alzheimers disease.
Today, the best option for a patient diagnosed with Alzheimers or other neurodegenerative diseases is a prescription that, at most, temporarily improves symptoms. In the face of this stark prognosis, an alternative treatment option provides an avenue for hope: *clinical trials* .
For physicians, finding trials and figuring out which patients are a good fit is an enormous amount of work that takes away from the patients care in front of them. SiteRx gives them a better option. Our software equips doctors to incorporate clinicAlzheimersyoureal research as a patient care option, generating significant new income for their practice and providing patients access to potentially life-saving treatments. And the best part: *this is achieved all while maintaining their existing workflow* .
****How Youll Contribute****
* Develop, implement, and monitor strategic, comprehensive enterprise information security and IT risk management programs.
* Ensure compliance with HIPAA as it relates to business operations.
* Define, build, and lead an Information Security organization supporting team mission and defined information security programs.
* Work with Executive Leadership to define acceptable levels of business risk.
* Perform information security risk assessments on new products, features, framework components, cloud-based infrastructure, and external vendors
* Communicate IT compliance requirements throughout the organization.
* Develop metrics for evaluating the effectiveness and success of the security and privacy frameworks to ensure they meet the needs of all internal and external stakeholders.
* Lead all privacy and security governance efforts to ensure alignment of the privacy and security program to the needs of the organization as well as legal and regulatory requirements
****First 180 Days****
* Lead Systems Risk Assessment with an external vendor
* Review and refine security policies
* Prepare training materials for the organization and conduct training
* Work with business teams through vendor certification processes
* Prepare the organization for HITrust certification
* Conduct security and penetration testing
* Create and maintain a security scorecard profile
****What You Bring****
* Minimum of 10 years of experience in IT compliance and security
* Healthcare background (HIPAA).
* Experience with ISO 27001, HITRUST, SOC2 certifications
* Strong people leadership ability with a focus on mentoring and developing talent
* Well-developed analytical skills: ability to assess situations and complex problems quickly
* Excellent communication skills - interpersonal, writing, telephone, group presentation, and creative problem-solving skills
* Ability to thrive in a fast-paced, technical, and mission-focused environment
* Experience in the Healthcare technology domain, colossal plus
****Required Tech Stack****
* AWS
* Azure
* Crowdstrike Falcon
* Github
* GSuite
* Jira/Confluence (Atlassian)
* Azure Monitor
* OS: Linux, UNIX, Windows, OSX / Apple
* TrueVault
* VPN and DLP
****What You Get****
* Highly competitive salary and comp structure
* Medical, Dental and Vision benefits
* Unlimited PTO
* Generous equity package
* The knowledge that youre making a real contribution toward the cure of Alzheimers and other neurodegenerative diseases
**U.S. Equal Opportunity Employment Information (Completion is voluntary)**
Individuals seeking employment at SiteRx are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. You are being given the opportunity to provide the following information in order to help us comply with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements.
Completion of the form is entirely **voluntary**. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.
Gender
Please identify your race
If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:
A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.
A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.
Veteran Status
Form CC-305
OMB Control Number 1250-0005
Expires 05/31/2023
**Voluntary Self-Identification of Disability**
We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.
Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labors Office of Federal Contract Compliance Programs (OFCCP) website at .
You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life