See Job Openings

Head of Security Operations

  • Location: San Francisco, California
  • Type: Direct Hire
  • Job #2316

Their healthtech partner seeks an experienced Head of Security Operations to support its growing technology team.

Working in concert with their security vendors, the Head of Security Ops’s role is to be the internal point of contact and administrator for HITRUST certification and maintenance. The Head of Security Ops also generally works to ensure both the platform and the broader team maintain compliance surrounding HIPAA, HITRUST, and general cybersecurity best practices. Working in conjunction with the CTO, the Head of Security Ops develops, refines, and enforces policies and procedures across the organization. This position reports to the Chief Technology Officer.


The Head of Security Ops is generally responsible for:

  • Policy and Procedure Stewardship
  • Working under the direction of the Agathos Head of Security Ops and CTO,

enhancing existing policies and procedures and enforcing compliance relative to

user provisioning, IAM, change control, firewall rules, and mobile device

management using JAMF

  • Management of staff adherence to policies leveraging of third-party tools, such

as myVCM or others

  • Familiarity with protected healthcare data in the context of HIPAA and HITRUST
  • Regular consulting for the engineering and data science teams surrounding data

pipeline components to support security requirements and compliance

  • Participation in governance structures to oversee change control, policies and

procedures, network security, and data privacy

  • Acting as lead facilitator for customer security reviews relative to onboarding at –

new hospitals

  • HITRUST Program Management
    • Working with their HITRUST vendors, serving as organizational point of contact

and administrator for HITRUST certification and maintenance

    • Continuously improving internal processes to support certification requirements,

and working with the CTO to shorten the feedback loop between flagged issues, remediation, and auditable proof of resolution

    • Generally maintaining an auditable security posture
    • Team Training
    • Conducts or facilitates the providing of regular HIPAA and cybersecurity training for all organizational staff
    • Security Team Management
    • As the organization grows, security infrastructure engineers will report directly to the Head of Security Ops
    • Responsibility for creating clarity of roles and responsibilities for infrastructure engineers
    • Working with infrastructure engineers, creating strategically meaningful quarterly
    • OKRs and KPIs, and supporting the team to execute against targets

What You’ll Bring:


  • Demonstrated ability to work cooperatively and strategically in a team
  • environment with all levels of professional, technical, and administrative staff
  • Excellent interpersonal and communication skills
  • Ability to deal with highly confidential information and act as a liaison between
  • the Chief Technology Officer, Head of Security Ops, the Data Science teams, and Engineering teams
  • Skills to collaborate with and achieve actionable results through and with others
  • Ability to build strong and sustainable relationships


Attach a resume file. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.

We are uploading your application. It may take a few moments to read your resume. Please wait!