About Happify Health
Happify Health is a world leader in the development and delivery of digital mental health solutions, including digital therapeutics. Our platform has been made accessible to over 10 million people and is used by millions.
We are scientists, researchers, health care clinicians, and digital gaming experts passionate about bringing our unique expertise and areas of knowledge together to think differently and to create new highly effective approaches to mental health, making them accessible through technology.
Working closely with health plans, pharmaceutical companies, and self-insured employers, Happify Health uses evidence-based science such as CBT, positive psychology, and mindfulness and combines it with leading-edge, engaging technology to help individuals improve their mental health and wellbeing so they can live life more fully.
About the Role
The Director IT Compliance, Security and Risk will have the responsibility to design, develop and implement Happify’s security, data protection, IT risk management and other IT-related compliance programs. These programs will center around GDPR compliance, cybersecurity and HIPAA compliance. This is a dynamic role for an individual with a strong background in IT compliance and IT security. It is a highly visible role that will work with executive management throughout Happify to identify risks and address compliance concerns.
- Review, improve, create, and monitor security processes and company IT policies.
- Coordinate, monitor, develop, implement and maintain the IT compliance program.
- Create a framework that effectively measures compliance standards with information policies.
- Develop and maintain a strategy for managing security related audits, compliance checks and external assessments.
- Create and execute a strategic annual Compliance Monitoring and Testing plan.
- Ensure IT compliance programs meet all applicable industry rules, regulations, standards and laws.
- Track and ensure adequate and timely resolutions to all audit/review issues relating to IT compliance.
- Conduct Vendor (Third Party) risk assessments.
- Provide guidance, evaluation and advocacy on all audit responses.
- Create compliance reports as required.
- Bachelor’s degree in computer science or other related discipline.
- Minimum of 7 years' experience in IT auditing and at least 5 years working with IT management in compliance.
- Preferred certifications include:
  - Certified Information Systems Auditor (CISA)
  - Certified Information Systems Security Professional (CISSP)
  - Certified Security Plus (+)
- Knowledge of ISO/IEC 27001, ITIL, COBIT, and NIST.
- Strong knowledge of Cloud Security requirements and relevant legal, regulatory and privacy requirements.