Compliance and Security Officer

Remote (USA) / Compliance & Information Security
Marigold Health is looking for our first Compliance & Information Security Specialist to design and oversee our compliance and security programs as we continue to grow the complexity of our organization and expand our product offerings. Our services, which include anonymized digital messaging across various platforms, are novel and require someone who is adaptive and well-versed to ensure we’re operating at the highest standards, and always maintaining the privacy and trust of our patient users. You will own policy design, implementation and internal auditing to mitigate risk in a rapidly changing regulatory environment. You will manage our certification processes, security questionnaires, and risk assessments with various private and public stakeholders. If you’re excited by the idea of architecting safe and compliant systems for a novel peer support program that supports patients normally overlooked by the system, we want to hear from you.  

About Marigold    
Marigold Health exists to give every person with a mental health or substance use condition a place to feel heard.  We have designed an asynchronous-first treatment program where patients support each other. We believe peers, individuals in recovery themselves who have received training to support others, can empower and engage those least likely to interact with current forms of care. 

What You'll Do

    • Draft compliance policies and establish safeguards 
    • Maintain auditable logs of sensitive business operations  
    • Lead company through relevant certifications (e.g. HITRUST, SOC2) 
    • Respond to client and external requests such as security and privacy diligence questionnaires, assessments and audits 
    • Conduct risk assessments and audits on internal processes, Business Associates, and other third parties 
    • Work with department heads to ensure access controls, disaster recovery, and incident policies are practical in day-to-day work settings  
    • Manage required security and privacy training for internal employees 
    • Assist in the management of current and future technology vendors 
    • Help enforce compliance and security best practices across the organization 
    • Inspect and test product iterations to quality & compliance specifications 

Your Skills

    • Minimum of 5 years of information security or compliance experience required 
    • Preferred professional certifications: CISSP, CCEP, CHC 
    • Expertise in HIPAA, state, and federal guidelines on privacy, transactions, and security. 
    • Working knowledge of threat vectors in mobile, web, telecommunication, and physical environments 
    • Concise, understandable, and efficient writing skills and the ability to interact professionally with a diverse group of employees, clients and subject matter experts 
    • Outstanding negotiation, facilitation, and consensus building skills 

Nice to have

    • Experience working in mental health, SUD and/or digital, remote program delivery  
    • Experience in SOC2, PCI, or HITRUST audits 
    • Experience working in a high-growth startup environment 

Who You Are

    • Motivated by our mission to give every single patient with a mental health condition a unique voice  
    • Passionate about security, privacy, and compliance - handling protected health information is a serious responsibility  
    • Proactive in self-directing work to areas of high impact 
    • Methodical and organized despite an unstructured environment   
    • Scrappy, able to iterate on processes with existing resources 

Reporting, Schedule and Location

This is a FT opportunity reporting to the Chief Product Officer. You can work remotely anywhere in the US. Most team members work virtually from home and are located on the east coast and internationally. If you prefer in-person work for any portion of the week, we currently have offices in Delaware and Massachusetts. You should expect to be available during east coast hours. Occasional travel to our offices and peer sites is also a part of this role, as COVID-19 protections ease. Travel costs will be covered by the company. 

Why You'll Love This Role

    • Be directly involved with saving lives by deploying a first-of-its-kind treatment model      
    • Have a scalable impact as we expand nationally, using our technology to expand Marigold’s reach       
    • Contribute to and gain expertise from a diverse, interdisciplinary team that includes clinicians, data scientists, and peer workers  

Compensation, Benefits and Culture

    • The base salary range for this role is $120-160K, depending on experience. As part of our founding team, this role will include ownership equity.  
    • Comprehensive healthcare coverage, including fully covered premiums for individuals (with the option to cover dependents for a cost) and a dedicated mental health benefit     
    • 4 weeks of PTO     
    • Computer and equipment provided     
    • Company travel budget and professional development budget 

Interview Process
After you submit your application, it will be reviewed by the hiring manager and select members of the team. If it seems like we are a good fit for each other, we will follow up and schedule a 15-30 minute phone call with one of our leaders to get to know you. 

If we jointly decide to move forward, you can plan to (virtually) attend a 45-60 minute video interview with the Chief Product Officer. The final stage would be to meet (2-4) other members of the team via video conference for additional conversations about your approach to collaboration, your relevant experience to current projects, and alignment with our values. All in, you can expect the time commitment for this stage to be 3-4 hours of synchronous interaction, scheduled to fit your needs. 

If you complete interviews, we will provide a decision or clear next step within five business days. We are ready to hire as soon as we find the right candidate. We can’t wait to meet you! 

More About Marigold
Marigold Health is an early-stage, rapidly growing startup providing services for a range of community based mental health and substance use treatment providers as well as national health insurers.  We collaborate with leading investigators at Brown University and Johns Hopkins and have been publicly recognized by the National Institute on Drug Abuse (NIDA) and the American Psychiatric Association.       

Our program is a combination of 1-1 coaching and 24/7 anonymous chat support groups accessed over phone, SMS, and app/web. On the backend, proprietary natural language processing tools scale our peer workforce by augmenting group moderation, automating patient outreach, and sending sentiment-based “alerts” to coordinate care with other providers. Following strong results from our first clinical studies, we are entering a period of rapid growth, and expect to expand from 2 states today to 12 by this time next year.  

Our core values are authenticity, candor, and ambition. Inclusion is at the core of what we do. We’re working to bring care to the most underserved and stigmatized patients. We actively welcome applicants from a wealth of different backgrounds (including but not limited to race, gender, educational background, and sexual orientation). We must have diversity on our team and in our mindsets to be successful in moving the needle on the deeply entrenched and systematic challenges we face.

 Marigold Health is an equal opportunity employer.