Who We Are:
Vori Health is an award-winning, nationwide, virtual-first musculoskeletal medical practice focused on evidence-based care that treats the whole person. Using a unique care model to help patients find the best path forward, Vori Health connects patients to a trained care team that includes a nonoperative physical medicine physician, a health coach navigator, and a physical therapist, who manage the initial patient assessment and then work to coordinate all aspects of care. We are on a mission to empower humanity to lead a healthier life.
Reporting to the Chief Technology Officer, you will work closely with other members of the information technology team as well as cross-functional stakeholders.
As the Director of Security, Privacy, and Compliance, you'll be responsible for designing, implementing, and optimizing the security and compliance infrastructure that supports our virtual-first clinical care model. You will lead Vori Health's information protection strategy across patient data, clinical workflows, and vendor ecosystems, ensuring regulatory readiness and operational resilience. This role will lead, operationalize, and maintain security controls to protect patient data and maintain SOC2, HIPAA, GDPR, and HITRUST compliance. You will lead Vori Health's information protection strategy across patient data, clinical workflows, and third-party ecosystems, ensuring regulatory readiness, operational resilience, and patient trust.
This position involves strategic decision-making, system implementations, and the adoption and testing of new processes and procedures which improve the security and robustness of Vori Health's infrastructure and associated IT systems. You will oversee key outside vendors working to identify and safeguard Vori Health from intrusion, security threats, security weaknesses, software bugs, and exploits. You will be responsible for Vori Health's data, systems, patients, customer and user security.
What You'll Do:
Security & Compliance Leadership
Lead the development and execution of security and privacy programs that ensure HIPAA, HITECH, NIST, GDPR, SOC2, HITRUST, and emerging frameworks (e.g. CCPA/CPRA, 21st Century Cures Act) compliance.
Develop, implement, and maintain security policies, procedures, and governance documentation.
Serve as the primary point of contact for all internal and external audits, including regulatory and client assessments.
Conduct risk assessments, security audits, and penetration tests to identify vulnerabilities and develop remediation plans.
Privacy Management
Act as liaison with legal and clinical leadership for interpretation and application of data privacy requirements.
Third-Party Risk & Vendor Security
Own vendor security assessments, third-party due diligence, and contract negotiation support.
Maintain a centralized vendor risk registry and monitor compliance on an ongoing basis.
Secure Architecture & Development Practices
Collaborate with engineering teams to ensure adoption of secure development practices (DevSecOps).
Leverage frameworks such as NIST, OWASP, and ISO for secure coding, CI/CD pipelines, and system design.
Risk Management & Incident Response
Conduct regular risk assessments, vulnerability scans, penetration tests, and threat modeling.
Develop and lead security incident response processes, including forensic investigations and breach communications.
Training & Enablement
Develop and deliver ongoing employee security and privacy training programs.
Promote a security-first culture across clinical, product, and operational teams.
Customer & Partner Engagement
Support the completion of RFPs, due diligence requests, and customer security questionnaires.
Participate in customer and partner meetings to articulate our security and compliance posture.
Build and maintain relationships with regulatory bodies, auditors, and other stakeholders to ensure compliance with relevant regulations and standards.
Strategy, Reporting & Budgeting
Provide security KPIs, dashboards, and executive briefings to leadership.
Manage security budget, forecast technology investments, and evaluate tooling options.
Supervisory Responsibilities
Manage relationships and expectations with third-party vendors, MSSPs, and contractors.
Lead cross-functional teams as needed for enterprise-wide security initiatives.
Perform other projects and duties as assigned
Who You Are:
Required:
7 years of experience in information security and compliance, preferably in healthcare or digital health
Deep understanding of HIPAA, HITECH, SOC2, HITRUST, CCPA, and security frameworks (NIST, ISO, OWASP)
Experience in privacy program management and incident response
Strong familiarity with AWS security best practices
Expertise in risk management, security assessments, and audit readiness
Proven ability to lead cross-functional security programs in high-growth environments
Strong communication and interpersonal skills
Practical experience with AWS, Windows, macOS, and Linux
Excellent time management and organizational abilities, with attention to detail
Strong analytical and problem-solving skills
Experience in high-growth regulated environments
Work authorization/security clearance requirements:
Authorized or able to provide required documents to work in the United States.
Physical Requirements/Work Environment:
Remote work environment.
While performing the duties of this job, the employee may be regularly required to stand, sit, talk, hear, reach, stoop, kneel, and use hands and fingers to operate a computer, telephone, and keyboard.
Specific vision abilities required by this job include close vision requirements due to computer work.
High-speed internet access with excellent bandwidth
Workspace that ensures patient privacy in a virtual environment, both visual and auditory
Company Benefits
At Vori Health, we believe in fostering a supportive and rewarding work environment for our team members. We offer a comprehensive benefits package designed to support your overall well-being, growth, and work-life balance:
We're committed to creating a workplace where you can grow, succeed, and achieve your best. Come join our team and enjoy the benefits of a company that values its team members we call Vorriors!
EEO Statement:
Vori Health is an Equal Opportunity Employer. We are committed to a work environment that supports, inspires, and respects all individuals without discrimination on the basis of race, color, religion, sex, sexual orientation, gender identity, marital status, age, disability, national or ethnic origin, military service status, citizenship, or other protected characteristics.
Required Experience:
Director
Full-Time