Jobs · Information Technology · New York

Director of Security & Compliance

Verse Medical · New York, NY · 3 wk ago
HybridInformation Technology$220k–$270k/yrFull-time

About the role

The Director of Security & Compliance will own and build the company's security program, focusing on HIPAA compliance, HITRUST certification, and protecting patient data.

Responsibilities

  • Own and drive the company-wide security strategy and roadmap, balancing risk reduction with the speed of a Series C product organization
  • Serve as the owner for HIPAA compliance and our ongoing HITRUST certification effort, implementing and operating the underlying controls
  • Lead incident response, including playbook development, on-call structure, tabletop exercises, and post-incident reviews
  • Build the security team over time, starting as a hands-on player-coach and hiring once the program scales

Requirements

  • 8+ years in security, compliance, or information security, with at least 2–3 years as a senior leader or subject matter expert at a startup or growth-stage company
  • Direct experience owning HIPAA, HITRUST, and/or SOC 2 compliance end to end — designing, implementing, operating, and auditing the relevant security controls and policies
  • Experience leading incident response, from detection through remediation and postmortem
  • Experience designing and implementing both technical and non-technical security controls: MDM, IAM, endpoint protection, access policies, vulnerability management
  • Strong cross-functional communication: able to explain risk and compliance requirements to executives, work credibly alongside engineers, and represent our posture to enterprise customers and auditors
  • Comfort operating as a player-coach — willing to be hands-on-keyboard while building the function

Qualifications

  • Track record of building security programs from early maturity: you've written the first policies, stood up the first tooling, and made pragmatic risk tradeoffs rather than inheriting a mature program

Skills and Experience

  • Core Skills & Experience: 8+ years in security, compliance, or information security, with at least 2–3 years as a senior leader or subject matter expert at a startup or growth-stage company
  • Direct experience owning HIPAA, HITRUST, and/or SOC 2 compliance end to end — designing, implementing, operating, and auditing the relevant security controls and policies
  • Experience leading incident response, from detection through remediation and postmortem
  • Experience designing and implementing both technical and non-technical security controls: MDM, IAM, endpoint protection, access policies, vulnerability management
  • Strong cross-functional communication: able to explain risk and compliance requirements to executives, work credibly alongside engineers, and represent our posture to enterprise customers and auditors
  • Comfort operating as a player-coach — willing to be hands-on-keyboard while building the function

Benefits

  • Competitive compensation - $220,000-$270,000 base compensation + equity
  • Opportunities for rapid career advancement in a growing company
  • 100% premium coverage for health insurance
  • 401(k) with no matching at this time

Pay

$220,000 - $270,000 base compensation

Schedule

This is a hybrid role based in our New York office and will require you to be in the office 4x in a week.

Verse Medical Pledge for an Equitable Future

We are committed to building a workplace where everyone feels a sense of belonging, where their contributions are valued, and where they can do their best work. We embrace diversity of all kinds: race, gender, age, religion, identity, experience. We are actively working to build a more inclusive and equitable world, starting from within our own walls.

Similar jobs