Director Of Security

Be part of an organization built on teamwork, innovation, mutual respect, and equity for all. We believe in the power of prevention over treatment, after our co-founders experienced how modern healthcare failed their loved ones, they knew there had to be a better way. We believe that every patient deserves to receive the right care, at the right time, and in the right location - regardless of their condition or status.

We lead with empathy above all else, and place the patient at the center of everything we do. Working at HealthSnap means being part of a family and a team where if you win, we all win, no matter how big or small the accomplishment. We take ownership - and lead with empathy - and expect each employee to recognize that real patients rely on HealthSnap every day.

• HITRUST Compliance: Ensure continuous compliance with HITRUST standards and requirements, including conducting regular risk assessments, gap analyses, and remediation efforts.
• Security Strategy: Develop and implement a comprehensive security strategy aligned with business objectives and industry best practices, focusing on risk management, threat detection, incident response, and security awareness.
• Security Operations: Oversee day-to-day security operations, including monitoring systems, analyzing security alerts, investigating incidents, and coordinating with internal teams, external partners, and vendors such as CrowdStrike to mitigate threats effectively.
• Security Infrastructure: Evaluate, implement, and manage security technologies and solutions, such as CrowdStrike Falcon platform, firewalls, intrusion detection systems, endpoint protection, encryption, and identity/access management tools.
• Policies and Procedures: Establish and enforce security policies, standards, and procedures to ensure consistent adherence to security practices across the organization.
• Training and Awareness: Develop and deliver security awareness training programs to educate employees about security risks, policies, and best practices.
• Incident Response: Lead incident response efforts, including developing incident response plans, coordinating response activities, and leveraging CrowdStrike expertise for threat intelligence and incident investigation.
• Vendor Management: Evaluate security risks associated with third-party vendors, including CrowdStrike, and manage vendor relationships to ensure compliance with security requirements.
• Security Governance: Provide guidance and support to senior leadership and the board of directors on security matters, including presenting security updates, risk assessments, and recommendations for improving security posture.
• Security Audits and Assessments: Coordinate and support internal and external security audits and assessments, responding to auditor inquiries and ensuring timely resolution of findings.

• Bachelor’s degree in Computer Science, Information Security, or related field; Master’s degree preferred.
• Minimum of 8 years of experience in information security
• In-depth knowledge of HITRUST framework, standards, and requirements.
• Experience working with security partners such as CrowdStrike and familiarity with their products and services.
• Strong understanding of cybersecurity principles, practices, technologies, and trends.
• Experience with security technologies and tools, such as SIEM, IDS/IPS, DLP, and vulnerability management.