• Develop and continuously evaluate and evolve Honest’s information security roadmap and posture.
• Develop, implement, and monitor a comprehensive enterprise information security and risk management program, in collaboration with our Compliance team and other business partners.
• Align and prioritize actions within the cyber security program that align with our organization’s objective goals, meets the needs of our partners and focuses on data protection, threat management, and risk mitigation.
• Ensure compliance with healthcare regulations including HIPAA, HITRUST, and other applicable standards.
• Oversee incident response planning, and the investigation of any security incidents, ensuring timely reporting to the executive team and all relevant stakeholders.
• Collaborate with our business partners across the organization to integrate security best-practices across the organization.
• Oversee and evaluate third-party security assessments to ensure vendor compliance with organizational security policies and industry standards. Collaborate with both our People and Culture and Marketing teams on security training and awareness programs for all staff to help foster a culture of security awareness.
• Provide regular reports to the executive team and board on the status of the information security program and emerging threats.
• Implement, manage, and enforce information security directives as mandated by Federal and State regulations, including but not limited to the Health Insurance Portability and Accountability Act (HIPAA).
• Develop and enforce policies and procedures and provide oversight of functional areas including, but not limited to: workforce training involving confidentiality, integrity and availability of data within Honest’s electronic systems and cloud-hosted data.
• Work across the organization to ensure that the access control, disaster recovery, business continuity needs of the organization are properly addressed.
• Conduct research in and stays current with security vulnerabilities and remediation efforts.
• Perform other related responsibilities as required.

​

Required Qualifications

• Bachelor’s degree in information technology or related field of study required; Master’s degree in business or IT fields considered a plus
• 7+ years of experience in Information Technology Enterprise and Infrastructure with at least 5 years in leadership roles
• 5+ years of experience of operational delivery in a healthcare environment
• Thorough knowledge of state-of-the-art information security practices
• Thorough knowledge of technical infrastructure security components and integrated computerized rules-based systems
• Thorough knowledge of Federal and State privacy and security laws and regulations and industry best practices as they relate to healthcare information security
• Ability to manage the security of health information across a widely dispersed workforce with a variety of information mediums
• Ability to read, interpret and apply technical information and business level requirements
• Ability to analyze and resolve security problems quickly
• Ability to direct and evaluate the work of lower-level staff and vendors
• Ability to communicate effectively, both orally and in writing
• Ability to establish and maintain effective working relationships with a diverse constituency

​

Preferred Qualifications

NA

The base pay range for this role is $162,700.00 - $191,100.00. Compensation takes into account several factors including but not limited to a candidate’s experience, education, skills, licensure and certifications, and organizational needs. Base pay is just one piece of the total rewards program offered by Honest. Eligible roles also qualify for short-term incentives and a comprehensive benefits package.

​

Honest is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Honest is committed to working with and providing reasonable accommodations to job applicants with physical or mental disabilities. Applicants with a disability who require a reasonable accommodation for any part of the application or hiring process should email talent@honest-health.com for assistance. Reasonable accommodation will be determined on a case-by-case basis.

​

Honest Health values a secure and transparent recruitment process. We contact candidates through our official recruiting platform, email, or text message. When working directly with candidates, Honest Health will always use an HonestHealth.com or Honest-Health.com email address. Our hiring process includes a live phone call or in-person interview before any formal offer is extended.

​

To safeguard your personal information, Honest Health will never ask for confidential details—such as social security numbers, bank accounts, or routing numbers—before making a formal offer. We will also never request financial transactions, PINs, passwords, or security access details through email, text, Venmo, or any social media platform.

​

We encourage all candidates to verify the contact information of individuals they interact with during the recruitment process. If you have any questions about the authenticity of a communication, please reach out to our team at talent@honest-health.com.