About Fabric HealthAt Fabric Health, we're not just building technology; we're fixing healthcare's capacity problem. Our mission is to power healthcare to move faster, work smarter, and deliver better care, creating seamless, intuitive experiences that simplify and unify virtual and in-person care for thousands of providers and millions of patients nationwide. We're a team of brilliant, thoughtful minds, deeply motivated by improving patient and provider lives, and we believe technology can truly enhance the US healthcare system.
Trusted by leading healthcare organizations: Our customers include Luminis Health, OSF HealthCare, MUSC Health, and Intermountain.
We are backed by leading investors such as Thrive Capital, GV (Google Ventures), General Catalyst, Salesforce Ventures, Vast Ventures, BoxGroup, and Atento Capital. We value working quickly for good reason, listening deeply to solve big challenges, and building products like we would for loved ones.About the RoleAs a vital member of our team, you will partner closely with the Chief Information Security Officer (CISO) and the Product and Engineering Team to integrate security and business needs into technical designs, as well as configure and validate the security of our information systems. Your expertise will be crucial in maintaining a robust security posture and ensuring compliance with industry standards.What You'll DoAs a Senior Security Specialist, you will be instrumental in safeguarding our systems and ensuring compliance. Your primary responsibilities will include:
- Establishing, implementing, and continuously monitoring security and privacy controls to safeguard our systems.
- Developing and recommending solutions for information security requirements, and leading the remediation of identified issues.
- Serving as a go-to subject matter expert (SME) for clients and partners on Fabric's privacy and security protocols.
- Spearheading external audits of Fabric's systems, ensuring compliance with frameworks such as HITRUST, SOC 2, HIPAA, and PCI-DSS.
- Conducting thorough audits of third-party suppliers and vendors, providing valuable insights and recommendations to leadership on associated risks.
- Defining and implementing our security documentation strategy to ensure our teams have clear, actionable best practices.
- Partnering closely with engineering teams to ensure software is shipped securely, utilizing best practices around SDLC (Software Development Life Cycle), peer reviews, and automated testing.
Why You Might Be a Good Fit
- You are deeply passionate about maintaining a robust security posture and ensuring compliance with industry standards.
- You thrive on being a go-to expert, providing valuable guidance to both internal teams and external clients on privacy and security protocols.
- You excel in a fast-paced, remote environment where managing time and multiple priorities effectively is key.
- You have an unwavering commitment to detail and a track record of ensuring compliance with security and privacy frameworks.
- You are an exceptional communicator, able to articulate complex security issues and resolutions to both technical and non-technical audiences with clarity and professionalism.
This Might Not Be The Right Fit If...
- You prefer a role with a narrow focus and limited interaction with cross-functional teams and clients.
- You are not comfortable with the pace and ambiguity of a dynamic, remote work environment.
- You lack a deep interest in the specific intersection of security, compliance, and healthcare technology.
- You are not prepared to be a hands-on, subject matter expert responsible for guiding other teams and leaders.
Your Qualifications
- Minimum of 5 years of experience in healthcare security and compliance.
- Bachelor’s degree or equivalent work experience.
- Experience with HIPAA Compliance regulations.
- Experience with HITRUST CSF.
- Experience with AWS and cloud security.
- Knowledgeable of software engineering best practices around SDLC (Software Development Life Cycle), peer reviews, and automated testing.
- Adept at professional communication, you can research, prepare, and deliver high-quality communications, clearly articulating security issues and resolutions to both technical and non-technical audiences.
- Demonstrated expertise and a track record of ensuring compliance with relevant security and privacy frameworks.
- Proven ability to manage time effectively and excel in a dynamic, remote work environment.
- Exceptional attention to detail and the capacity to manage multiple priorities effectively.
Bonus Points
- Relevant certifications such as CISA, CISM, or CISSP.
- Experience with SaaS environments.
The national pay range for this role is $75,000.00 – $150,000.00 per year. Actual compensation will be determined by factors such as the candidate's geographic market, experience, skills, and qualifications. Certain roles may also be eligible for additional compensation, including a comprehensive benefits package such as medical, dental, vision, unlimited PTO, and a 401(k) plan, stock options and bonuses. If your compensation requirement is greater than our posted range, please still consider applying; a determination can be made based on unique qualifications. Expected compensation ranges for this role may change over time.Learn more about Fabric
- LinkedIn
- Awards
- Press Releases
- Careers Page
At Fabric, we believe that a diverse workforce is essential to our success. We are an equal opportunity employer and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, veteran status, or any other legally protected characteristic. We actively encourage individuals from all backgrounds to apply.#LI-Remote

PI276702250