Compliance & Security Analyst

Remote (USA) /
Compliance & Information Security /
Architect Compliance at a Novel Online Peer Support Program
Marigold Health is looking for a Compliance & Information Security Analyst to design, implement, and audit policies to mitigate risk in a rapidly changing regulatory environment.
This is a FT opportunity reporting to our Chief Product Officer. Candidates can reside anywhere in the US and should expect periodic travel to our HQ in Boston.
Marigold Health exists to give every person with a mental health or substance use condition a place to feel heard. 
We have designed an asynchronous-first treatment program where patients support each other. We believe peers, individuals in recovery themselves who have received training to support others, can empower & engage those least likely to interact with current forms of care.
Our program is a combination of 1-1 coaching and 24/7 anonymous chat support groups accessed over phone, SMS, and app/web. On the backend, proprietary natural language processing tools scale our peer workforce by augmenting group moderation, automating patient outreach, and sending sentiment-based “alerts” to coordinate care with other providers.
Following strong results from our first clinical studies, we are entering a period of rapid growth, and expect to expand from 2 states today to 12 by this time next year.

What You'll Do

    • Draft compliance policies and establish safeguards
    • Maintain auditable logs of sensitive business operations
    • Lead company through relevant certifications (e.g. HITRUST, SOC2)

    • Engage customer and governmental stakeholders to complete compliance questionnaires and audits
    • Conduct risk assessments and audits on internal processes, Business Associates, and other third parties.  
    • Work with department heads to ensure access controls, disaster recovery, and incident policies are practical in day-to-day work settings

    • Organize staff trainings and security awareness efforts
    • Configure and maintain device management (e.g. Intune, Jamf)
    • Inspect and test product iterations to quality & compliance specifications

Your Skills

    • Minimum 3 years of information security or compliance experience is required
    • Expertise in HIPAA, state, and federal guidelines on privacy, transactions, and security.
    • Working knowledge of threat vectors in mobile, web, telecommunication, and physical environments

    • Concise, understandable, and efficient writing skills
    • Preferred professional certifications: CISSP, CCEP, CHC

Who You Are

    • Motivated by our mission to give every single patient with a mental health condition a unique voice
    • Passionate about security, privacy, and compliance - handling protected health information is a serious responsibility
    • Proactive in self-directing work to areas of high impact
    • Methodical and organized despite an unstructured environment 
    • Scrappy, able to iterate on processes with existing resources

Benefits & Perks

    • Save lives by deploying a first-of-its-kind treatment model
    • Intellectually Challenging: you’ll design novel approaches to information security at a hybrid social network and treatment program
    • Continuous Learning: Contribute to and gain from a diverse, interdisciplinary team that includes clinicians, data scientists, and peer workers
    • Ownership: Significant equity as part of the founding team
    • Competitive salary, healthcare, and perks including a dedicated mental health benefit   
More About Marigold Health
Marigold Health is an early-stage, rapidly growing startup providing services for a range of community-based mental health and substance use treatment providers as well as national health insurers. We collaborate with eminent investigators at Brown University and Johns Hopkins and have been publicly recognized by the National Institute on Drug Abuse (NIDA) and the American Psychiatric Association.
Our core values are authenticity, candor, and ambition.   
Our HQ is in Boston, and we are currently opening an office in DE. Most team members work virtually from their homes. As COVID-19 restrictions relax, team members will be expected to attend occasional meetings at the office but will for the most part be able to continue working remotely.   
Inclusion is at the core of what we do. We’re working to bring care to the most underserved and stigmatized patients. We actively welcome applicants from a wealth of different backgrounds (including but not limited to race, gender, educational background, and sexual orientation). We must have diversity on our team and in our mindsets to be successful in moving the needle on the deeply entrenched and systematic challenges we face.   
Marigold Health is an equal opportunity employer. 

Questions? Email ravi[AT] for more info.