Director, Information Security
About Stellar Health:
Historically, US Healthcare has relied on a fee-for-service reimbursement system where providers are paid based on the quantity of patient visits and procedures, rather than the quality of health outcomes.
At Stellar Health, we help primary care providers put patient health first. Our platform - a mix of technology, people, and analytics - supports providers at the point of care, delivering real-time patient information, activating practice staff, and empowering providers and care teams with incentives that reward the work they are already doing to keep patients healthy. Using the Stellar App, our web-based, point-of-care tool, practices receive a simple checklist of recommended actions that support the best quality care. Providers and care teams are then paid monthly for each action they complete, and Payors save money in reduced healthcare costs along the way.
Stellar is a US-based Health-tech backed by Top VCs (General Atlantic, Point72, & Primary Venture Partners) with an established product & proven operating model. We’ve shown that we make a real difference for physician practices and their patients.
About the position:
Stellar Health is looking for a Director, Information Security to join our team! This person will have the opportunity to partner closely with our Chief Compliance Officer, Chief Technology Officer, and Director, Information Technology in order to grow and mature the information security function at Stellar.
You'll have an immense degree of latitude when it comes to setting Stellar's overarching security strategy, working closely with senior stakeholders across our business (Engineering, Product, Ops, etc.) to ensure compliance with healthcare-related regulations (HIPAA Compliance, HITRUST Certification, etc.) and coalesce all of our existing and future major security initiatives under one umbrella.
As the most senior member of our security team, you'll be tasked with providing technical guidance, driving key strategic initiatives, rolling up your sleeves and diving in on projects, as well as coaching, mentoring, and developing the current members of the Security team.
What you’ll do:
Grow and Mature the Security function at Stellar
- Design, build, and maintain a robust and leading security infrastructure
- Scale the Information Security program at Stellar to accommodate our current and expected growth
- Shape the future of the Security organization structure and culture
- Serve as a technical subject matter expert throughout the implementation and maintenance of security infrastructure and solutions; define and oversee the documentation of detailed standards (e.g., guidelines, processes, procedures)
- Work closely with other teams to ensure we are executing on Security initiatives effectively
- Partner closely with our Chief Compliance Officer to ensure that Stellar is in full compliance with healthcare industry regulations, customer obligations, and evolving best practices
As Director, Information Security you should have:
- A deep understanding of security risk management, with a focus on risk mitigation rather than elimination
- Exceptional problem-solving skills with an ability to build relationships, lead through influence, and manage key senior stakeholders
- 7-10 years of hands-on experience with security and information technology programs, including knowledge of the frameworks you’ve worked on from top to bottom
- Experience working in healthcare or health-tech, with a deep understanding of the regulatory and compliance frameworks that are unique to our space (HIPAA Security, etc.)
- A technical inclination and an educational background in Information Security, Computer Science, or another related STEM field
- CISSP, CISM, or similar certifications
- HITRUST, SOC 1, and SOC 2 Compliance
- Familiarity with SOX Compliance
- Familiarity with the due diligence involved in taking a startup through an IPO
At Stellar, we believe in transparency and we do our best to make sure the company and our candidates are on the same page as it relates to compensation. In addition to posting salary ranges for our open roles, candidates should expect to be asked about compensation expectations and requirements early on in their interview process. Our goal is to highlight when expectations and Stellar’s salary range may be out of sync, and work with the candidate to determine whether it makes sense to continue conversations.
The salary range for this role is $220,000 - $250,000 and will be eligible for an annual performance-based bonus and equity grant. Where a new hire falls within this range will be based on their individual skills and experience, and how these competencies compare across other employees in the same role. Stellar's bands are designed to allow for individual compensation growth within the role. As such, new hires typically start at the lower end of the range. Stellar rewards performance and outcomes - should you join the company, you will have the opportunity to grow your salary over time.
Stellar reserves the right to change our compensation bands at any time.
Perks & Benefits:
Stellar offers a carefully curated selection of wellness benefits and perks to our employees:
- Medical, Dental and Vision Benefits
- Unlimited PTO (and ask our recruiting team about the ways we make sure employees are actually taking PTO)
- Universal Paid Family Leave, with up to 21 weeks of fully paid leave available to new parents and caregivers
- Company sponsored One Medical memberships and Citibike memberships
- Medical Travel Benefits
- A monthly wellness stipend that gives employees the freedom to choose where they spend their cash, whether it be on wellness, pet care, childcare, WFH items, or charitable donations
- Stock Options & a 401k matching program
- Career development opportunities like Manager Training, coaching, and an internal mobility program
- A broad calendar of company-sponsored social events for our in-office and remote employees
Diversity is the key to our success. Stellar Health is an equal opportunity employer and we are open to all qualified applicants regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, veteran status, or any other legally protected status.
We believe that diverse teams - and the different identities, cultures, and life experiences our team members bring to the table - enable us to create amazing products, find creative solutions to interesting problems, and build an inclusive working environment.