Level Up Healthcare: Security Operations Lead at Freshpaint
Are you a cybersecurity professional passionate about safeguarding sensitive data and building robust security programs? Do you thrive in a fast-paced, high-impact environment? If so, Freshpaint is looking for you!
We're not just another tech company. Freshpaint is revolutionizing how healthcare organizations leverage customer data while ensuring patient privacy. Our innovative platform helps healthcare marketers promote access to care and comply with stringent regulations like HIPAA.
Imagine empowering healthcare providers to improve patient experiences and reach those in need, all while maintaining the highest standards of data security. That's the challenge – and the reward – of working at Freshpaint.
The Mission: Secure Healthcare's Future
As our Security Operations Lead, you'll be the driving force behind Freshpaint's operational security initiatives. You'll bridge the gap between engineering, compliance, and operations, ensuring we maintain a proactive and continuously improving security posture. This role is critical to the ongoing success of our mission.
What You'll Do
Champion Compliance: Own and manage recurring security compliance programs, including SOC 2 Type II, HITRUST R2, and other relevant certifications and audits.
Lead Penetration Testing: Coordinate annual penetration tests, meticulously track findings, and drive remediation efforts to fortify our defenses.
Architect Security Controls: Maintain and continuously enhance Freshpaint's security controls and documentation, ensuring we stay ahead of emerging threats.
Empower Engineering: Partner with engineering and product teams to operationalize security best practices across all systems, tools, and processes.
Assess Risk: Support risk assessments, vendor security reviews, and internal audits, identifying and mitigating potential vulnerabilities.
Be the Security Voice: Act as a primary point of contact for external auditors, customers, and vendors, confidently addressing security-related inquiries.
Cultivate Security Awareness: Drive security awareness and education initiatives across the company, fostering a culture of security-consciousness.
What You'll Bring
Experience: 3+ years in security operations, GRC, or compliance within a SaaS or cloud-based company.
Framework Expertise: Deep understanding of security frameworks and standards (SOC 2, HITRUST, ISO 27001, etc.).
Audit Management: Proven experience managing audits and collaborating directly with assessors and penetration testing vendors.
Cloud Proficiency: Familiarity with cloud infrastructure (AWS, GCP) and modern software development practices.
Communication Prowess: Exceptional project management and cross-functional communication skills.
A Proactive Mindset: Organized, detail-oriented, and passionate about building scalable security programs in a dynamic environment.
Bonus Points
Experience with automation tools for evidence collection and continuous compliance.
Prior experience in a startup or high-growth environment.
Relevant certifications (CISA, CISSP, CISM, or HITRUST CCSFP).
Why Freshpaint?
We offer more than just a job – we offer a mission, a team, and a culture that values innovation, collaboration, and impact. Here's what you can expect:
Competitive Pay & Equity: We value your contribution and reward it accordingly with a generous equity package (10-year exercise window).
Fully Remote Freedom: Work from anywhere in the U.S. with a $150/month coworking stipend.
Half-Day Fridays: Enjoy a head start on your weekend, every Friday.
Unlimited PTO: Recharge and rejuvenate with unlimited PTO, and we require you to take at least 2 weeks!
Comprehensive Benefits: Top-tier health, dental & vision insurance, 100% covered for you, 80% for dependents.
"Treat Yourself" Days: Two days a year to pamper yourself with $100 and a day off.
Generous Parental Leave: Support for growing families.
Epic Offsites: Join us twice a year for unforgettable team retreats (past trips: Greece, Jackson Hole, Cabo, wine country + more).
Want to learn more? Check out our careers page for the full scoop!
Ready to make a difference in healthcare security? Apply now!