About Fabric Health

About the Role

What You'll Do

• Establishing, implementing, and continuously monitoring security and privacy controls to safeguard our systems.
• Developing and recommending solutions for information security requirements, and leading the remediation of identified issues.
• Serving as a go-to subject matter expert (SME) for clients and partners on Fabric's privacy and security protocols.
• Spearheading external audits of Fabric's systems, ensuring compliance with frameworks such as HITRUST, SOC 2, HIPAA, and PCI-DSS.
• Conducting thorough audits of third-party suppliers and vendors, providing valuable insights and recommendations to leadership on associated risks.
• Defining and implementing our security documentation strategy to ensure our teams have clear, actionable best practices.
• Partnering closely with engineering teams to ensure software is shipped securely, utilizing best practices around SDLC (Software Development Life Cycle), peer reviews, and automated testing.

Why You Might Be a Good Fit

• You are deeply passionate about maintaining a robust security posture and ensuring compliance with industry standards.
• You thrive on being a go-to expert, providing valuable guidance to both internal teams and external clients on privacy and security protocols.
• You excel in a fast-paced, remote environment where managing time and multiple priorities effectively is key.
• You have an unwavering commitment to detail and a track record of ensuring compliance with security and privacy frameworks.
• You are an exceptional communicator, able to articulate complex security issues and resolutions to both technical and non-technical audiences with clarity and professionalism.

This Might Not Be The Right Fit If...

• You prefer a role with a narrow focus and limited interaction with cross-functional teams and clients.
• You are not comfortable with the pace and ambiguity of a dynamic, remote work environment.
• You lack a deep interest in the specific intersection of security, compliance, and healthcare technology.
• You are not prepared to be a hands-on, subject matter expert responsible for guiding other teams and leaders.

Your Qualifications

• Minimum of 5 years of experience in healthcare security and compliance.
• Bachelor’s degree or equivalent work experience.
• Experience with HIPAA Compliance regulations.
• Experience with HITRUST CSF.
• Experience with AWS and cloud security.
• Knowledgeable of software engineering best practices around SDLC (Software Development Life Cycle), peer reviews, and automated testing.
• Adept at professional communication, you can research, prepare, and deliver high-quality communications, clearly articulating security issues and resolutions to both technical and non-technical audiences.
• Demonstrated expertise and a track record of ensuring compliance with relevant security and privacy frameworks.
• Proven ability to manage time effectively and excel in a dynamic, remote work environment.
• Exceptional attention to detail and the capacity to manage multiple priorities effectively.

Bonus Points

• Relevant certifications such as CISA, CISM, or CISSP.
• Experience with SaaS environments.

The national pay range for this role is $75,000.00 – $150,000.00 per year. Actual compensation will be determined by factors such as the candidate's geographic market, experience, skills, and qualifications. Certain roles may also be eligible for additional compensation, including a comprehensive benefits package such as medical, dental, vision, unlimited PTO, and a 401(k) plan, stock options and bonuses. If your compensation requirement is greater than our posted range, please still consider applying; a determination can be made based on unique qualifications. Expected compensation ranges for this role may change over time.

• LinkedIn
• Awards
• Press Releases
• Careers Page