VP, IT & Security

Company Overview:

Cohere Health is illuminating healthcare for patients, their doctors, and all those who are important in a patient’s healthcare experience, both in and out of the doctors office.  Founded in August, 2019, we are obsessed with eliminating wasteful friction patients and doctors experience in areas that have nothing to do with health and treatment, particularly for diagnoses that require expensive procedures or medications.  To that end, we build software that is expressly designed to ensure the appropriate plan of care is understood and expeditiously approved, so that patients and doctors can focus on health, rather than payment or administrative hassles.

Opportunity Overview:

We are seeking an experienced and knowledgeable VP, IT & Security to join our organization and take ownership of our IT processes and security initiatives. As the VP, IT & Security you will report directly to the Chief Operating Officer (COO) and will be responsible for ensuring the overall security of our internal and external enterprise. You will play a critical role in establishing and maintaining a robust security framework and driving a culture of security excellence within the organization. You will also work closely with cross-functional departments, stakeholders, and leaders to align technology initiatives with business objectives. In addition, you will actively manage the IT needs of a large, remote organization. 

Last but not least: People who succeed here are empathetic teammates who are candid, kind, caring, and embody our core values and principles. We believe that diverse, inclusive teams make the most impactful work. Cohere is deeply invested in ensuring that we have a supportive, growth-oriented environment that works for everyone.

What you will do:

Security:

• Serve as the named Security Officer for the organization
• Assume responsibility for the overall security of the internal and external enterprise
• Conduct annual Business Impact Assessments
• Maintain HIPAA policies and procedures including ongoing reviews, updates, and approvals
• Maintain and expand Business Continuity and Disaster Recovery policies and procedures
• Coordinate and execute Business Continuity and Disaster Recovery testing and maintain relevant documentation
• Incident Response preparation and documentation
• Annual critical third party vendor security reviews
• Act as a member of the QSC (Quality, Security, and Compliance) committee
• Manage regulatory audits, including HITRUST and SOC2 Type 2, ensuring completion and compliance in an ongoing fashion
• Oversee client-mandated audits and provide necessary evidence
• Lead the completion of RFPs (Request for Proposals) for prospective clients, serving as the subject matter expert for security
• Conduct a weekly review of the security posture and insights across the enterprise
• Perform ongoing quarterly audits of all known systems and platforms
• Review contracts, Business Associate Agreements (BAAs), and terms from a security perspective
• Manage SSL certificate maintenance to ensure their validity and security
• Develop and deliver company-wide security training curricula to ensure company-wide compliance with security policies and procedures
• Manage and mentor the security team, setting the strategy and tone

IT:

• Familiarity with Asset Management software including Googe Enterprise and Jamf
• Review and provision accounts on new and existing applications
• Collaborate with teams to build out functionality on applications
• Manage and mentor the IT support staff, setting the strategy and tone
• Drive the expansion of single sign-on (SSO) and integrated platforms, particularly focusing on Okta Google Workspace
• Oversee the core IT infrastructure to ensure its stability, scalability, and security
• Manage software licenses and rationalization efforts
• Process requests for new software procurement, acting as a liaison between the requesting teams and the procurement process

Your background & requirements:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity or equivalent professional experience, required (Master's degree preferred)
• Security management certifications including CISSP REQUIRED
• Minimum 3+ years of experience as a Security Officer Leader
• In-depth knowledge of regulatory requirements, such as HIPAA, HITECH, HITRUST, and SOC2 Type 2
• Proven experience in a similar leadership role within the IT and security domains
• Strong technical expertise in IT infrastructure, support, and security
• Excellent leadership and mentorship abilities
• Exceptional problem-solving and troubleshooting skills
• Effective communication and interpersonal skills

We can’t wait to learn more about you and meet you at Cohere Health!

Equal Opportunity Statement: 

Cohere Health is an Equal Opportunity Employer. We are committed to fostering an environment of mutual respect where equal employment opportunities are available to all.  To us, it’s personal.

#LI-Remote

#BI-Remote