Blink Health is a well-funded healthcare technology company on a mission to make prescription drugs more accessible and affordable for everyone. We're scaling up in a highly complex vertical to change the way Americans access the prescription drugs they need.
Our proprietary platform and supply chain allow us to offer everyone — whether they have insurance or not — amazingly inexpensive prices on their medications. Blink is providing a life-changing experience for people all over the country and fixing how opaque, unfair and overpriced healthcare has become. We are a highly collaborative team of builders and operators who invent new ways of working in an industry that historically has resisted innovation. Join us!
We are looking for a passionate and collaborative Information Security Technical Program Manager (TPM) with expertise in Governance, Risk and Compliance (GRC) functions and healthcare information security (HIPAA, HITRUST, PCI DSS). The ability to collaborate and respond quickly to changing circumstances is key to success in this role. You will be engaged across the organization to frame, drive, identify, and address our core security needs. You will work closely with other key stakeholders, including IT, the Privacy Office, and Legal.
What You Will Be Doing:
- Researches, designs, and implements Governance, Risk and Compliance (GRC) programs and solutions that comply with all applicable security policies and standards (HIPAA, HITRUST, PCI DSS)
- Assists in the review and update of cyber security policies and standards
- Assists in the planning of Blink Health’s Disaster Recovery (DR) and Business Continuity Management (BCP)
- Facilitates vendor security reviews, and partners with Legal to review security language in contractual agreements
- Facilitates information security risk assessments
- Supports Blink security awareness programs
- Establishes metrics to measure and continuously improve our security posture
- Assists in responding to audits, penetration tests and vulnerability assessments
- Has good judgment, a sense of urgency and has demonstrated commitment to high standards of ethics, regulatory compliance, customer service and business integrity
- Has an ability to effectively influence others to modify their opinions, plans, or behaviors
- Is self-motivated, with a high sense of urgency and personal integrity
What You Will Need:
- Bachelor's Degree in Computer Science or equivalent industry experience
- 3+ years in an Information Security GRC or TPM role, ideally in a healthcare technology startup
- Experience establishing and managing programs to support HIPAA and the like
- Demonstrated experience in leading GRC functions and initiatives
- Knowledge of and experience with state and federal information security laws, including but not limited to HIPAA, NIST, PCI, CCPA and all other applicable regulations
- Strong verbal/written communication and presentation skills: the ability to clearly communicate high-level strategy as well as technical details, and to communicate through all levels of the organization
- Master's Degree in Computer Science or equivalent industry experience
- Experience with agile/iterative development and program management methodologies
- Demonstrated passion for making things better and building resourceful solutions
- CISSP, CISA, or CISM certification. Other relevant security certifications will be considered.
Why Join Us:
At Blink, we put humans first. We want everyone at Blink to be able to do the best work of their lives. We are a relentlessly learning, constantly curious and aggressively collaborative cross-functional team dedicated to inventing new ways to improve the lives of our customers.