Product Security Lead
Who We Are
Join us on our mission to democratize access to the abundance of health information in the human eye! Here at identifeye HEALTH Inc., we’re pioneering a new branch in diagnostics between laboratory medicine and radiology, that will enable regular non-invasive health monitoring for both ocular and systemic diseases.
We believe in empowering the individual by building approachable and intuitive products to provide personalized health insights to each and every patient. Our products are portable, affordable, easy to use and connected devices for early disease detection and monitoring.
We are born from 4Catalyzer - a rapidly growing health-tech incubator founded by Dr. Jonathan Rothberg, an award-winning scientist and highly successful serial entrepreneur. We are fostering a culture of technical excellence where you have the opportunity to learn, explore and see your ideas come to life.
Joining identifeye HEALTH is the opportunity to redesign the future of healthcare through the power of technology. We are here to solve real-world problems and maximize global impact, motivated by the idea that our products will change lives, including the ones of people you love.
What We Live By
- Prioritize the Patient - We make products that remove barriers between quality care and the people who need it
- Data-Driven Decisions - We search for the best solutions; objective, backed by data, and optimized for speed, simplicity and scale
- Support Each Other - We celebrate the ideas and contributions of our teammates and recognize that we can only succeed as a team, and when each person feels heard and valued
- Simplify - We build intuitive solutions to simplify patient care
What You Will Be Doing
The Product Security Lead will be responsible for providing a highly scalable, reliable and effective security foundation for our cloud-hosted medical device that serves both customers and identifeye business operations. This role will be responsible for driving the development and execution of identifeye’s information security strategy in alignment with business objectives and regulatory requirements, as well as continuing advancement of our security program. This is a multi-dimensional role, requiring extensive security and business integration experience. This role is hands-on and will be required to contribute technically.
As part of our team, your core responsibilities will be:
- Ownership of information security strategy and execution
- Drive the development, implementation and maintenance of security and data privacy policies, standards and procedures, staying up to date with industry standards and regulatory changes
- Partner closely with cross-functional stakeholders to build a robust security infrastructure and governance program to continuously evaluate, track and manage privacy and security risks
- Lead company efforts for HITRUST and SOC-2 certifications for our cloud hosted medical device, as well as applicable international standards to support identifeye’s growth
- Identify and build the infrastructure needed to support HIPAA, GDPR and CCPA
- Establish and maintain a compliant vendor risk management program, with ownership of Business Associate Agreements (BAA) and the like
- Ownership of product security requirements and testing, including investigation of data residency laws for future market expansion
- Managing the planning and preparation of cybersecurity compliance submissions for identifeye products to support pre- and post- market requirements
- Maintain regular risk assessments, remediation, incident management and auditability
- Drive continuous education and training of security compliance methodology and frameworks, fostering a security-conscious culture
What We Are Looking For
Baseline Skills, Experiences, & Attributes:
- Bachelor’s degree in a related discipline
- 5+ years of experience in an engineering or technical role delivering privacy and security solutions for cloud technologies
- Software development experience in a general purpose programming language
- Proven experience successfully building and implementing a high functioning security infrastructure in a regulated environment
- Experience achieving security compliance certifications such as HITRUST, SOC-2, ISO27001, FedRAMP, etc.
- Knowledge of risk assessment tools, technologies and methods
- Strong technical and business acumen, with ability to lead complex organizational security initiatives and decisions
- Demonstrated leadership skills and proven ability to drive change in a complex environment
- Strong vision for building a security-conscious culture
- Excellent written and verbal communication skills
- Ability to manage competing priorities in a fast paced and changing environment
- Title dependent on level of experience
- Ability to work onsite in our Redwood City, CA office. Hybrid working arrangements available.
- Advanced degree in a related discipline
- Experience with mobile devices (iOS preferred) and/or embedded software (Python preferred)
- Experience with IoT security running embedded Linux
- Knowledge of AWS solutions and implementation
- Prior experience in a medical device startup environment
What We Offer
- Fully covered medical insurance plan, and dental & vision coverage. As a health-tech company, we place great worth on our team’s well-being.
- 401(k) plan. Everyone should be encouraged to save for their retirement adventures!
- Flexible PTO policy and remote/hybrid work arrangements. We believe in taking personal responsibility for managing our own time, workload and results.
- Free onsite meals & kitchen stocked with snacks at our office locations.
- Annual "Improve Your Work Environment" stipend. We support what you need to be your best self when at work!
- Professional development reimbursement. Let's grow together!
- More exciting employee perks... but most importantly, the opportunity to build a revolutionary healthcare product and save millions of lives!
identifeye HEALTH Inc. does not accept agency resumes.
identifeye HEALTH Inc. is an E-Verify and equal opportunity employer regardless of race, color, ancestry, religion, gender, national origin, sexual orientation, age, citizenship, marital status, disability or Veteran status. All your information will be kept confidential according to EEO guidelines.