Senior Program Manager, IT Security & Compliance
WE HELP PRACTICES THRIVE!
Running a medical practice is difficult. That's why at PatientPop we have been dedicated since 2014 to helping doctors grow, modernize and streamline their practice. Along the way, we've managed to create an amazing culture that was named one of Built In Los Angeles's Top 100 Digital Companies in LA. Our dog-friendly office is located 2 blocks from the beach, around the corner from 3rd Street Promenade. These are just a few of the things that made us certified as a Great Place to Work® for 2017.
But all of this is meaningless without great people. We are looking for a Senior Program Manager, IT Security & Compliance with experience at a startup or early-stage company who can help us build out our next phase of growth by working with our partner's software to create integration solutions.
How will you contribute to PatientPop?
This role will impact our organization by being the team subject matter expert in compliance frameworks and applicable laws such as HIPAA. We need a player who is a problem solver, who can work with all aspects of the organization to assess and drive the organization to mitigate risk. In this role, you will be:
- Evaluating controls against common standards such as NIST 800-53, HITRUST, etc.
- Providing education and guidance about compliance with applicable laws such as HIPAA, TCPA, CAN-SPAM, etc.
- Providing evidence of compliance for auditors, partners, and investors
- Performing an annual risk assessment as prescribed by NIST CSF and HITRUST
- Providing regular reports for leadership about the status of the program
Who will be successful in this role?
We are looking for someone with a passion for security who loves working with people. The ability to plan, organize, execute priorities to meet business goals, and achieve results is key to success in this role. This role requires an outcome-driven, results-oriented individual who can collaborate with multiple internal/external partners/stakeholders to drive our security needs. You will be expected to:
- Be personable. PatientPop has an excellent people culture, and any new hire needs to be a good team fit.
- Have experience with audits for HITRUST, ISO-27001, FedRAMP, SOC, or other
- Have 3+ years of experience working in compliance for a US regulated industry
- Have experience working in a Software as a Service company
- Hold a CISA, CRISC, or equivalent certification
- Have good communication skills
You get extra points if you have:
- ISACA certifications, CISM, etc.
- Trained as a HITRUST auditor
- Ushered a company into HITRUST certification
Why does this matter to us?
To operate in the healthcare industry we must make sure that everything we do abides by applicable laws. To win and keep our customers' confidence, we must build a program which demonstrates an excellent level of security and compliance.
To win and keep our customers' love, we obsess over efficiency and the ability to understand our clients. depend on our ability to streamline processes both internally and for our customers. We’re looking for someone who shares our passion and can work with us to achieve these goals.
Founded in 2014, PatientPop was conceived with one simple goal in mind: help medical practices grow through leading-edge tools and automation. We help them get everything they need to attract and recall patients, plus grow their online reputation. We are the first growth-focused marketing platform that accelerates new patient growth by automating practice marketing and eliminating the need for dedicated marketing resources, which allows them to effortlessly provide a great patient experience.
PatientPop, Inc. is an EOE M/F/D/V employer. We will consider for employment all qualified Applicants, including those with Criminal Histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance.