Security Analyst - Fortify Healthcare AI at Scale
Join Notable, a leading healthcare AI platform, where your expertise in cybersecurity isn't just a role—it's foundational to our mission to transform healthcare for humanity. We empower health systems, hospitals, and payers to enhance quality, close care gaps, drive growth, and scale efficiently without increasing staff.
Our Mission: Impacting 100 Million Patients
At Notable, we are driven by a profound purpose: to improve the lives of patients, staff, and clinicians every single day. Our ambitious goal to impact 100 million patients is a commitment to creating meaningful, large-scale change. When you join us, you become part of a force actively transforming healthcare, where security is paramount to building and maintaining trust.
Our culture is rooted in this mission, offering each team member the opportunity to do their best work, collaborate with exceptional colleagues, and achieve great things together.
Your Impact as a Security Analyst
At Notable, securing the highly sensitive health data our customers entrust to us is critically important. As a Security Analyst, you will be instrumental in safeguarding our platform, ensuring continuous compliance, and reinforcing our position as a trusted leader in healthcare AI. You'll work at the intersection of cutting-edge technology and vital data protection, collaborating closely with our Product, Engineering, Sales, Operations, and Customer Success teams to embed information security into every decision and every facet of our organization.
What You'll Do
Spearhead the continuous update and maintenance of Notable's comprehensive Information Security Management System (ISMS) policies and procedures, ensuring alignment with the latest best practices and security standards.
Play a key role in orchestrating and supporting internal and external security audits, including critical frameworks such as HITRUST, SOC 2, ISO, and PCI.
Provide expert guidance to Notable teams, ensuring robust compliance with our ISMS and proactively addressing risk assessments.
Conduct thorough security assessments of external vendors, verifying their compliance with Notable’s stringent ISMS requirements.
Lead internal security audits and investigations, driving continuous improvement in our security posture.
Serve as a primary point of contact for customer information security teams, expertly completing security questionnaires and fulfilling documentation requests.
Develop, deliver, and administer effective security awareness training and educational materials, covering vital topics like PHI handling and HIPAA compliance, to foster a security-conscious culture.
Contribute to the implementation and optimization of vulnerability management programs and secure coding processes within our development lifecycle.
Actively participate in business continuity planning and incident response initiatives, enhancing our resilience and recovery capabilities.
What You'll Bring (Essential Qualifications)
Demonstrated experience managing security compliance projects within public cloud environments (GCP/AWS).
Proven ability to thrive and succeed in a fast-paced, highly collaborative environment.
Solid experience with third-party vendor security management.
Hands-on experience with business continuity planning and incident response.
Familiarity with vulnerability management principles and secure coding best practices.
A deep commitment to safeguarding sensitive data and maintaining the highest standards of security.
Even Better If You Have
Experience working within a highly regulated industry (e.g., healthcare, finance, government).
A curious and adaptable mindset, eager to tackle diverse challenges and wear multiple hats in a dynamic startup environment.
Strong empathy and exceptional communication skills, crucial for effective cross-functional collaboration.
Location & Collaboration
We value in-person collaboration and connection. For Bay Area–based employees, this role requires being in our San Mateo office at least three days a week. For remote employees, occasional travel to headquarters is expected for company-wide events and onsite gatherings.
Important Notice: Beware of Job Scam Fraudsters!
Our recruiters use @notablehealth.com email addresses exclusively. We do not conduct interviews via text or instant message, ask you to purchase equipment through us, or request sensitive personally identifiable information such as bank account or social security numbers. If you have been contacted by someone claiming to be us from a different domain about a job offer, please report it as potential job fraud to law enforcement and contact us here.