Director, Security, Privacy & Compliance at Kalderos
Kalderos · Boston, United States of America · Hybrid
- Senior
- Optional office in Boston
About Us
At Kalderos, we are building unifying technologies that bring transparency, trust, and equity to the entire healthcare community with a focus on pharmaceutical pricing. Our success is measured when we can empower all of healthcare to focus more on improving the health of people.
That success is driven by Kalderos’ greatest asset, our people. Our team thrives on the problems that we solve, is driven to innovate, and thrives on the feedback of their peers. Our team is passionate about what they do and we are looking for people to join our company and our mission.
What You’ll Do:
- Own privacy and information security risk management functions
- Provide oversight and monitor key elements of Kalderos' vendor management program
- Oversee activities related to risk management, due diligence, contract provisions, vendor reviews, and ongoing monitoring requirements
- Assure adherence to applicable federal and state regulations
- Support security and privacy compliance (SOC 1 & 2, HIPAA, HITRUST, CCPA, etc.)
- Develop and conduct periodic risk assessments
- Liaise with the Kalderos leadership team and cross-functional partners to ensure effective coordination of privacy and security requirements and activities
What You’ll Bring:
- Bachelor's degree in a technical field or equivalent practical experience
- 8+ years of experience in Information Security Governance, Risk and Compliance
- Experience with Risk Management and Information Security strategy, practices, technologies and tools
- Experience conducting efficient and regular risk assessments, and auditing and monitoring activities
- Experience with Information Security frameworks and standards, such as NIST, SOC 2, ISO 27001
- Experience in a healthcare company with knowledge of existing and emerging federal and state requirements related to privacy and security of health information is a plus
Set Yourself Apart:
- Have owned and managed SOC 2 and HIPAA/HITRUST compliance & certification programs.
- Knowledge of current Cloud security architecture, software and database technologies
- Understanding of risk management from the technology perspective
- Strong professional and interpersonal skills
- Ability to maintain a high level of confidentiality
- Demonstrated ability to complete projects in a timely manner with little supervision or direction
- Demonstrated ability to set priorities and to respond to changing demands from multiple sources in a fast-paced environment
- Ability to follow through, meet deadlines, anticipate requirements, and build relationships
- Strong analytical, decision-making, and problem-solving skills
- Excellent verbal and written communication skills
- Excellent time management and organizational skills
- Knowledge of personal computers and relevant applications
Recommended Certifications:
- CRISC - Certified Risk and Information Security Control
- CISM - Certified Information Security Manager
- CISA - Certified Information Systems Auditor
- CHPC - Certified in Healthcare Privacy Compliance
Expected Salary Range: $130,000-$150,000 base + bonus
This is a hybrid role based out of Chicago, IL or Boston, MA.
____________________________________________________________________________________________
Highlighted Company Perks and Benefits
- Medical, Dental, and Vision benefits
- 401k with company match
- Flexible PTO with a 10-day minimum
- Opportunity for growth
- Mobile & Wi-Fi Reimbursement
- Commuter Reimbursement
- Donation matching for charitable contributions
- Travel reimbursement for healthcare services not available near your home
- New employee home office setup reimbursement
What It’s Like Working Here
- We thrive on collaboration, because we believe that we can only put our best work into the world when we work together to solve problems.
- We empower each other and believe in ensuring all voices are heard.
- We know the importance of feedback in individual and organizational growth and development, which is why we've embedded it into our practice and culture.
- We’re curious and go deep. Our Slack channels are filled throughout the day with insightful articles, discussions around our industry, healthcare, and anything else that interests our team!
To learn more: https://www.kalderos.com/company/culture
We know that job postings can be intimidating, and research shows that while men apply to jobs when they meet an average of 60% of the criteria, women and other marginalized folks tend to only apply when they check every box. We encourage you to apply if you think you may be a fit and give us both a chance to find out!
Kalderos is proud to be an equal opportunity workplace. We are committed to equal opportunity regardless of race, color, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, or veteran status.
Privacy notice for California job applicants.
Kalderos participates in E-Verify.