About the position:

Stellar Health is looking for a Director, Information Security to join our team! This person will have the opportunity to partner closely with our Chief Compliance Officer, Chief Technology Officer, and Director, Information Technology in order to grow and mature the information security function at Stellar.

You'll have an immense degree of latitude when it comes to setting Stellar's overarching security strategy; working closely with senior stakeholders across our business (Engineering, Product, Ops, etc.) to ensure compliance with healthcare related regulations (HIPAA Compliance, HiTrust Certification, etc.) and coalesce all of our existing and future major security initiatives under one umbrella.

As the most senior member of our security team, you'll be tasked with providing technical guidance, driving key strategic initiatives, rolling up your sleeves and diving in on projects, as well as coaching, mentoring, and developing the current members of the Security team.

What you’ll do:

Grow and Mature the Security function at Stellar

• Design, build, and maintain a robust and leading security infrastructure
• Scale the Information Security program at Stellar to accommodate our current and expected growth
• Shape the future of the Security organization structure and culture
• Serve as a technical subject matter expert throughout the implementation and maintenance of security infrastructure and solutions; define and oversee the documentation of detailed standards (e.g., guidelines, processes, procedures)
• Work closely with other teams to ensure we are executing on Security initiatives effectively
• Partner closely with our Chief Compliance Officer to ensure that Stellar is in full compliance with healthcare industry regulations, customer obligations, and evolving best practices

As Director, Information Security you should have:

• A deep understanding of security risk management, with a focus on risk mitigation rather than elimination
• Exceptional problem-solving skills with an ability to build relationships, lead through influence, and manage key senior stakeholders
• 7-10 years of hands on experience with security and information technology programs, including knowledge of the frameworks you’ve worked on from top to bottom
• Experience working in healthcare or health-tech, with a deep understanding of the regulatory and compliance frameworks that are unique to our space (HIPAA Security, etc.)
• Technical inclination and have an educational background in Information Security, Computer Science, or another related STEM field.

Bonus Points:

• CISSP, CISM, or similar certifications
• HITRUST, SOC 1, and SOC 2 Compliance
• Familiarity with SOX Compliance
• Familiarity with the due diligence involved in taking a startup through an IPO

Pay:

At Stellar, we believe in transparency and we do our best to make sure the company and our candidates are on the same page as it relates to compensation. In addition to posting salary ranges for our open roles, candidates should expect to be asked about compensation expectations and requirements early on in their interview process. Our goal is to highlight when expectations and Stellar’s salary range may be out of sync, and work with the candidate to determine whether it makes sense to continue conversations.

The salary range for this role is $220,000 - $250,000 and will be eligible for an annual performance based bonus and equity grant. Where a new hire falls within this range will be based on their individual skills and experience, and how these competencies compare across other employees in the same role. Stellar's bands are designed to allow for individual compensation growth within the role. As such, new hires typically start at the lower end of the range. Stellar rewards performance and outcomes - should you join the company, you will have the opportunity to grow your salary over time.

Stellar reserves the right to change our compensation bands at any time.