Head of Security

🕒 April 30

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Stedi

WebsiteLinkedInAll Job Openings

51 - 200 employees

⚕️ Healthcare Insurance

🔌 API

💳 Fintech

Healthcare Insurance • API • Fintech

Stedi is an API-first clearinghouse that facilitates the automation of healthcare transactions, such as real-time eligibility checks and claims processing. The platform offers modern, developer-friendly JSON-based APIs, enabling fast integration and interaction with over 7,000 payers, thus supporting a broad payer network. Stedi is designed with reliability in mind, featuring multi-region, highly-available APIs with automatic failover for increased uptime. The company prioritizes security, with HIPAA and SOC 2 compliance, role-based access, and multi-factor authentication. Stedi provides robust support, including hands-on engineering assistance and dedicated communication channels, ensuring fast onboarding and efficient transaction management for health tech companies.

📋 Description

• Own and build Stedi's security program end-to-end, including policies, controls, procedures, security tooling, training, vulnerability management, vendor risk, and more. • Be a strong hands-on contributor from day 1 while also building a roadmap for scaling the security function as the company continues to grow. We have a culture where leaders are contributors and are deeply involved in the technical details. • Advise on security risk tied to product decisions, architecture, and partnerships. • Leverage our best-in-category security posture to unlock new customers and strategic relationships. • Partner with Engineering to maintain security excellence while minimizing development friction. • Lead breach preparedness and incident response: build, test, and own the Security Incident Response Plan, Disaster Recovery, and Business Continuity programs so Stedi can detect, contain, and recover rapidly in the unlikely event of a significant issue. • Represent Stedi in conversations with customer and partner security leadership teams, and provide clear, regular reporting on security posture and risk to the executive team and board. • Partner with Legal on regulatory obligations, breach notification requirements, and the legal dimensions of security incidents - be ready to engage directly with regulators should the need ever arise. • Build mechanisms for continuous security improvement, and establish practical, role-appropriate security training across the company.

🎯 Requirements

• Significant experience owning security programs in cloud-native environments. • Deep technical ability in the security domain and enough working knowledge to have high-bandwidth discussions with application engineers. • Strong legal and regulatory instincts – you have the ability to understand legal issues and can speak credibly with regulators; healthcare or HIPAA experience is a strong plus. • Opinionated but pragmatic, with strong judgment about where rigor matters most and a bias toward solutions over problems. • Exceptional communicator: you can explain security risk clearly to engineers, executives, customers, and regulators, in writing and in person. • You’re excited to use automation and modern tooling to eliminate toil and raise the bar, not to build bureaucracy.

🏖️ Benefits

• All official communication about roles at Stedi will only come from an @stedi.com email address, or from our official identification verification partner, Persona, @frompersona.com. • If you’re unsure whether a message is legitimate or have any concerns, feel free to contact us directly at [email protected].