Security and Compliance Manager

San Francisco, CA

Rally Health is all about putting health in the hands of the individual. It’s our mission, and it drives everything we do, which is to empower people with easy-to-use online and mobile tools that help them take charge of their health and health care, from improving their diet and fitness to selecting health benefits, and choosing the right doctor at the right price for their needs.

Our culture is built on a deep and sincere commitment to helping people live healthier lives. To do this, we are committed to innovating at every level. As our president and COO David Ko says, “We are a company that continuously innovates. It cannot end. It has to be in everything we do, which means that some of the things we’re going to do are not going to work – and that’s okay. We’re not trying to build something that is churn and burn. We’re building something that follows consumers over their lifetime.”


  • The Security and Compliance Manager assists with the design, deployment, documentation and integration of all approved security solutions in accordance with HIPAA, NIST and HiTrust
  • Provides mentorship to assure adherence to policies and procedures for efficient operations of the Security and IT teams
  • Performs IT Risk & Security assessments and develops information security strategies and appropriate policies
  • Supports strategic security planning to achieve business goals by prioritizing compliance initiatives and coordinating the evaluation, deployment and management of current and future security technologies
  • Assists in the design and implementation of disaster recovery and business continuity plans, procedures, audits and improvements to ensure that SPOF (Single Points of Failure) and DR issues are remediated in a timely manner
  • Helps develop and implement security programs, policies, and procedures
  • Implements and manages audits associated with Security and Compliance programs
  • Facilitates training of employees and consultants to establish “security awareness” to prevent or mitigate security incidents
  • Recommends and supports the deployment of additional security products and tools, to detect violations of network security policies and procedures
  • Participates in the development and implementation of a corporate security & compliance awareness program and ensures security compliance with applicable NIST, HIPAA, and HiTrust standards
  • Crafts and propagates security awareness and training programs among employees and consultants
  • Assists in the development and maintenance of all security policies, procedures, regulatory compliance requirements, data privacy, and security standards
  • Manages and schedules internal vulnerability scans to ensure compliance with password policies, on-boarding, off-boarding, and privileged use
  • Supports and manages the relationship with Security and IT to ensure that segregation of duties is being enforced
  • Performs periodic audits of the applications, services, systems, and devices that support the Security and IT infrastructure
  • Develops, maintains and supports the distribution, communication, and enforcement of Security & IT policies that relate to end user compliance


  • Confidence coupled with an innate ability to get things done
  • An attitude that is fundamentally focused on service and maintaining company-wide security standards
  • Able to work in a fast-paced, changing environment
  • Super organized and detail-focused
  • Impeccable interpersonal skills, both verbal and written
  • 3-7 years of supporting security and compliance initiatives
  • Small company and dynamic start-up environment experience is a plus
  • Self-motivated, passionate and humble
  • A high sense of urgency and strong multitasking skills

Why join Rally? On top of an innovative work atmosphere and a chance to help people change their lives, we offer competitive pay, daily catered lunches, and an extensive benefits package for all full-time employees (including medical, dental, vision and 401(k)). In addition, we offer the ability to grow, while truly making an impact in the healthcare system.

Rally Health is committed to ensuring that its workforce reflects America’s diverse population. Rally Health knows that such diversity will enrich it with the talent, energy, perspective and inspiration it needs to achieve its mission. Rally Health believes in a policy of equal employment and opportunity for all people based on merit and commitment to the principles of diversity. It is our policy to recruit, hire, train, and promote individuals in all job titles, and administer all programs, without regard to race, color, religion, national origin or ancestry, citizenship, sex, age, marital status, pregnancy, childbirth or related medical conditions, personal appearance, sexual orientation, gender identity or expression, family responsibilities, genetic information, disability, matriculation, political affiliation, veteran status, union affiliation, or any other category protected by applicable federal, state or local laws.

Individuals with disabilities and veterans are encouraged to apply. Applicants who require an accommodation related to the application and/or review process should notify Talent Acquisition (

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.