Security and Compliance Manager

Join Our Mission to Revolutionize Healthcare

Thoughtful AI is pioneering a new approach to automation for all healthcare providers! Our AI-powered Revenue Cycle Automation platform enables the healthcare industry to automate and improve its core business operations.

We are seeking an experienced Security and Compliance Manager to lead our information security initiatives and ensure compliance with industry regulations.

The ideal candidate will have a strong background in cybersecurity, risk management, and regulatory compliance, particularly in managing SOC 2 audits. This role will collaborate closely with internal teams and external stakeholders to strengthen our security posture and support our sales efforts by addressing customer security concerns.

Join us to transform how leading healthcare companies operate.

Your Responsibilities

Maintain Security and Compliance Posture

• SOC 2 Audit Leadership: Lead and orchestrate SOC 2 audit processes, ensuring thorough planning, execution, and reporting.
• Policy Development: Architect, implement, and maintain information security policies, procedures, and controls to strengthen organizational defenses.
• Risk Assessments: Execute risk assessments and vulnerability analyses to identify and mitigate potential security threats.
• Incident Response: Monitor and respond to security incidents and breaches, ensuring swift resolution and thorough documentation.
• Regulatory Compliance: Collaborate with internal and external stakeholders to ensure compliance with regulatory requirements and industry best practices.
• Employee Training: Design and deliver training programs to educate employees on information security policies and procedures.
• Trend Analysis: Analyze emerging security trends, threats, and technologies, and recommend enhancements to the security program.
• Reporting: Create and present data-driven reports on the information security program status to senior management.

Sales Security Advisory

• Sales Support: Support the Sales team by conducting security and IT reviews with customers, addressing their concerns, and showcasing our robust security measures.
• Alignment with Standards: Align sales materials and presentations with industry security standards and customer compliance requirements.
• Strategic Collaboration: Collaborate with sales teams to ensure security is a key factor in customer acquisition and retention strategies.

Cybersecurity Strategy and Risk Management Advisory

• Strategy Development: Lead the development and execution of comprehensive cybersecurity strategies aligned with industry standards and regulatory requirements.
• Risk Management: Advise leadership on risk management and security governance to protect Thoughtful AI’s assets and data.
• Policy Enforcement: Ensure compliance with security policies, regulations, and best practices across the organization.
• Incident Oversight: Oversee incident response planning and execution, minimizing the impact of security breaches.

Your Qualifications

• Education: Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field.
• Experience: 10 years of work experience, with 5+ years in security compliance or audit-related roles within the tech industry. Experience managing security compliance audits of cloud environments and experience with HIPAA, HITECH, and HITRUST is a plus.
• Certifications: Preferred certifications include CISSP, CISM, CRISC, CISA, and CSA Cloud platforms (AWS, Azure, or GCP).
• Technical Expertise: Strong understanding of cloud environments, on-prem systems, and managing access in an IT environment.
• Compliance Tools: Experience with compliance platforms such as Thoropass, Vanta, etc., is a plus.
• Communication & Collaboration Skills: Excellent written and verbal communication skills. Comfortable working in a small team with cross-organizational responsibilities.

Why Thoughtful?

• Competitive Compensation: We offer a competitive salary aligned with industry standards.
• Equity Participation: Employee Stock Options to share in the company's success.
• Health Benefits: Comprehensive medical, dental, and vision insurance to keep you and your family healthy.
• Time Off: Generous leave policies and paid company holidays to ensure work-life balance.
• Innovative Environment: Work with cutting-edge AI technologies in the healthcare sector.