Virta is the first company with a clinically-proven treatment to safely and sustainably reverse type-2 diabetes without the use of medications or surgery. Our innovations in nutritional biochemistry, data science and digital tools combined with our clinical expertise are shifting the diabetes treatment paradigm from management to reversal. Our mission: reverse type 2 diabetes in 100 million people by 2025.

In this role you will lead and mature Virta Health’s information security program. Virta is HITRUST CSF Certified and performs SOC-2 audits with growing compliance needs. Your work in building an information security organization and leading Virta’s compliance efforts will enable Virta’s continued commitment to the security and privacy of its patients' information.  You will continue to drive Virta Health’s existing culture of security awareness.

Responsibilities

• Manage Virta’s information security program including its policies and procedures.
• Build an information security compliance team to handle Virta Health’s growing compliance needs.
• Represent Virta during client security evaluations.
• Be the final decision maker for information security risk decisions as Virta’s Information Security Officer.

90 Day Plan

Within your first 90 days at Virta, we expect you will do the following:

• Rapidly take over Virta’s existing security program and prepare for Virta’s annual HITRUST and SOC-2 audit commitments. 
• Begin building the information security team you will need to mature Virta’s security posture.
• Own Virta Health’s culture of security awareness.

Must-Haves

• 7+ years experience leading an information security team in a mature organization with complex compliance requirements.
• Significant experience with information security in a HIPAA Covered Entity or Business Associate.
• Expertise with at least one compliance and audit framework. (HITRUST, ISO27001, SOC-2)
• The ability to manage risk assessments for vendors and internal information security decisions.
• Experience driving client-facing security evaluations for successful sales enablement.

Values-driven culture

Virta’s company values drive our culture, so you’ll do well if:

• You put people first and take care of yourself, your peers, and our patients equally
• You have a strong sense of ownership and take initiative while empowering others to do the same
• You prioritize positive impact over busy work
• You have no ego and understand that everyone has something to bring to the table regardless of experience
• You appreciate transparency and promote trust and empowerment through open access of information
• You are evidence-based and prioritize data and science over seniority or dogma
• You take risks and rapidly iterate

As part of your duties at Virta, you may come in contact with sensitive patient information that is governed by HIPAA. Throughout your career at Virta, you will be expected to follow Virta's security and privacy procedures to ensure our patients' information remains strictly confidential. Security and privacy training will be provided.