Senior Security Specialist

Fabric Health is a leading healthcare technology startup revolutionizing how patients access and experience care. Our innovative platform reimagines how patients connect to care—delivering personalized guidance, tailored engagement, and intuitive experiences throughout their healthcare journey. We are a passionate, mission-driven team committed to improving healthcare outcomes and expanding patient access to high-quality, personalized care.

Some of Fabric’s customers include Luminis Health, OSF HealthCare, MUSC Health, and Intermountain. Fabric is backed by Thrive Capital, GV (Google Ventures), Salesforce Ventures,Vast Ventures, BoxGroup, and Atento Capital.

About the Role

As a vital member of our team, you will partner closely with the Chief Information Security Officer (CISO) and the Product and Engineering Team to integrate security and business needs into technical designs, as well as configure and validate the security of our information systems. Your expertise will be crucial in maintaining a robust security posture and ensuring compliance with industry standards.

As the Senior Security Specialist, you will

• Establish, implement, and continuously monitor security and privacy controls to safeguard our systems and Develop and recommend solutions for information security requirements and lead the remediation of identified issues.
• Serve as a subject matter expert (SME) for clients and partners on Fabric's privacy and security protocols.
• Spearhead external audits of Fabric's systems, ensuring compliance with frameworks such as HITRUST, SOC 2, HIPAA, and PCI-DSS.
• Conduct thorough audits of third-party suppliers and vendors, providing valuable insights and recommendations to leadership on associated risks.
• Develop and maintain comprehensive security documentation, including policies, standards, procedures, and guidelines, reflecting industry best practices.

Requirements

• Minimum of 5 years of experience in healthcare security and compliance.
• Bachelor’s degree or equivalent work experience.
• Experience with HIPAA Compliance regulations.
• Experience with HITRUST CSF.
• Experience with AWS and cloud security.
• Knowledgeable of software engineering best practices around SDLC (software development Life Cycle). How engineering teams ship software, utilizing peer reviews and automated tested, that is well tested and secure.
• Adept at professional communication, you can research, prepare, and deliver high-quality communications, clearly articulating security issues and resolutions to both technical and non-technical audiences.
• Demonstrated expertise and a strong track record of ensuring compliance with relevant security and privacy frameworks.
• Proven ability to manage time effectively and excel in a dynamic, remote work environment.
• Exceptional attention to detail and the capacity to manage multiple priorities effectively.
• Relevant certifications such as CISA, CISM, or CISSP are advantageous but not mandatory.
• Experience with SaaS environments is advantageous but not mandatory.

At Fabric, we believe that a diverse workforce is essential to our success. We are an equal opportunity employer and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, veteran status, or any other legally protected characteristic. We actively encourage individuals from all backgrounds to apply. #LI-Remote