Listing Description

ABOUT ARTERA

Our Mission: Make healthcare #1 in customer service.

What We Deliver: Artera (formerly WELL Health^®) is the patient communication platform that delivers happier staff, healthier patients, and more profitable organizations. We enable two-way conversations between patients and their healthcare teams through secure, multilingual messaging across multiple channels – including text, email, and telephone. By unifying disjointed touchpoints into a single, intuitive channel, Artera fuels connected patient experiences and empowers organizations to deliver the best customer service imaginable. 

Our Impact: Artera helps 500+ healthcare providers facilitate more than 1 billion messages for 40+ million patients annually. 

Our award-winning culture: In 2021, Artera was named #10 on the Forbes list of America’s Best Startup Employers, as well as being named one of Deloitte’s Fast 500 (#133). Artera was also recognized as one of the Best Midsize Companies to Work for in Los Angeles by Built In in 2022, and has been ranked on the Inc. 5000 list of fastest-growing private companies for three consecutive years.

SUMMARY

Artera is looking for a Security Compliance Program Manager to lead our company-wide privacy program. You will report directly to the Director of Information Security. You will learn our existing frameworks and own controls across each domain of the security program.

You are excited about, and have a passion for, being involved in all facets of security compliance. You have strong organization skills, an independent work ethic, and work well across departments. You are able to pivot quickly and manage large initiatives such as annual security certifications. You will quickly be able to operationalize security requirements and identify and mitigate privacy risks for the company. You have the ability to develop, implement, and execute on processes in a fast-paced environment.

RESPONSIBILITIES

• Lead audit efforts related to HITRUST, ISO 27001/27017, SOC 2, and various other audits


• Administer and operate our GRC tool and ensure compliance requirements such as HITRUST, HIPAA, ISO, and SOC are met


• Develop and maintain security / technology related policies, procedures, and standards that address security requirements related to strategies, regulations, and business & technology risks


• Perform information security control reviews and assessments across technology, product, and business teams


• Own controls across each domain of the security program


• Provide counsel on security related topics and help drive complex projects across the organization with imperfect information and ambiguity


• Identify, quantify, track, and lead mitigation of risks and control exceptions


• Collaborate with cross-functional teams including Legal, Privacy, Product, Engineering and IT teams on privacy and compliance issues


• Be the frontline advisor for security questions and concerns from the Product, Engineering, Sales and other corporate teams


• Respond to RFPs and security questionnaires


• Respond to security related incidents

REQUIREMENTS

• A Bachelor's degree (relevant experience in lieu of a degree also accepted) 


• 3+ years of experience in security compliance


• Experience managing a variety of security audits/certifications such as HITRUST, ISO 27001, or SOC 2


• Firm understanding of HIPAA Security Rule


• Excellent communication skills, and an ability to collaborate with members of various teams


• Good problem analysis, problem-solving, and judgment skills


• Strong project management skills

BONUS

• Relevant security certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISMP (Certificate in Information Security Management Principles)


• Bonus: FedRamp, ISO 27001, NIST 800-53, PCI DSS, SSAE 18 and/or other risk-centric standards and frameworks


• Red team or security operations center experience


• Healthcare experience


• Experience with cloud based infrastructure security principles


• Experience working with distributed teams


• Startup experience


• SaaS experience

LOCATION

Artera is Santa Barbara, CA based and remote friendly. If you are located outside of the Santa Barbara area and located within the United States and are interested in working remotely, APPLY TODAY. #LI-Remote #BI-Remote 

WORKING AT ARTERA 

• Company benefits - Full health benefits (medical, dental, and vision), flexible spending accounts, company paid life insurance, company paid short-term & long-term disability, flexible spending accounts, company equity, voluntary benefits, 401(k) and more! 


• Career development - Mentorship program, manager development cohorts, employee development funds.


• Generous time off - Company holidays, wellness days, and flexible time off.


• Employee Resource Groups (ERGs) - We believe that everyone should belong at their workplace. Our ERGs are available for identifying employees or allies to join. 

SALARY RANGE

Actual base salary will depend on experience, skills, education, geographic location, and/or internal equity.

$98,000 - $143,000

Interested in learning more? Please visit our LinkedIn page or our Life at Artera Instagram (@artera_io) to hear from our employees about working at Artera.

Committed to Diversity, Equity, and Inclusion

Artera is an Equal Opportunity Employer and is committed to fair and equitable hiring practices. All hiring decisions at Artera are based on strategic business needs, job requirements and individual qualifications. All candidates are considered without regard to race, color, religion, gender, sexuality, national origin, age, disability, genetics or any other protected status. 

With that said, research shows that women and other underrepresented groups apply only if they meet 100% of the criteria. Artera is committed to leveling the playing field, and we encourage you to apply for positions even if you do not meet 100% of the criteria. We would love to connect with you and see if you would be a great fit for our role! 

We’re dedicated to creating an inclusive, equitable, and diverse workplace, where everyone feels safe to be themselves and diversity is a strength. Artera is committed to providing employees with a work environment free of discrimination and harassment; Artera will not tolerate discrimination or harassment of any kind.