Security and Compliance - Lead
Mpirik is addressing the undertreatment of heart diseases by collecting and analyzing data and using novel algorithms to automate patient identification for care. We utilize real-time data streams with hospital system electronic medical records to automate disease screening of cardiovascular diseases and research to drive improved outcomes for patients. We are a small, surgeon-founded and surgeon-led healthcare technology company located in Milwaukee, WI.
We are looking for an experienced Security and Compliance leader to drive our compliance program. The successful candidate should be ready to thrive in an entrepreneurial and fast-paced environment.
This role engages with all teams across Mpirik to manage tasks and timelines at various levels within the company. The Compliance and Security Lead will be responsible for researching, developing, implementing, and overseeing all aspects of the Mpirik compliance program, including, but not limited to: ensuring continued HIPAA privacy and security compliance; overseeing organizational policies and procedures; directly implementing associated processes adhering to such policies and procedures; conducting ongoing training and education; managing, reporting, and investigating any compliance matters that arise; monitoring and auditing to identify and reduce violations; and driving a culture of compliance company-wide.
- Work closely with teams across the company (engineering, data science, operations, etc.) to ensure successful implementation and enforcement of policies and procedures.
- Develop, enhance, and maintain policies and procedures to ensure compliance under HIPAA, SOC2 and other applicable information privacy and security laws, regulations, and standards.
- Serve as our liaison with external auditors.
- Manage and perform periodic risk assessments, mitigations and remediations, and present teams with assessment results along with tactical and strategic recommendations to ensure ongoing compliance.
- Develop and deliver training and education materials and ensure information privacy and security awareness across the company.
- Research and provide ongoing advice and guidance about compliance laws, regulations, and standards.
Desired Skills & Experience
To be successful in this role, you will need:
- Bachelor’s degree in health information management, information technology, or a related field.
- 3-5 years of work experience overseeing compliance in a regulated environment.
- Deep knowledge of HIPAA and other relevant laws, regulations, and standards.
- Strong knowledge of information technology concepts, security and systems.
- A track record of taking initiative, working independently, and thriving in ambiguity.
Bonus if you have:
- Previous work experience running a HIPAA compliance program
- Familiarity with GDPR, SOC2, PCI, ISO 27001, HITRUST or other compliance frameworks and regulations
- Compliance certifications including CHC, CHPC, CIPP, and/or CCEP, or other relevant compliance certifications
- Experience with security and compliance for Amazon Web Services (AWS) cloud services
- Ownership opportunities
- Unlimited paid vacation days and flexible work hours
- Free parking
- Free food! Fully stocked kitchen with free snacks and drinks
- Weekly sponsored lunch on us
- Health and wellness benefits like ergonomic standing desks and quarterly visits by a massage therapist
- Regular social events in and out of the office
- 100% coverage of expenses related to certification, testing, preparation, and exam fees
Mpirik has seven core values that will inform your experience at Mpirik:
Making Healthcare Better
We see a lot of room for improvement in healthcare, and it's part of our core to lead the charge for improvement.
Doing More With Less
We strive to set and exceed our own high standards with reasonable resources.
We’re always thinking of ways to change processes, perspectives, and opinions for the better. We learn from everything we do.
Pursuing Growth & Learning
We’re always learning new things and sharing them with each other. You can find insight in the strangest of places.
We celebrate our individual and team victories in a non-boastful way.
Being Adventurous, Creative & Open-Minded
We are open to new ideas and the possibility of failure in all that we do.
Creating Fun in Everything We Do
We want to have fun doing what we love and hope it shows in our products and services.