Chief Information Security Officer (Director-Level)
Remote, United States
Full Time Executive-level / Director USD 162K - 191K
Honest Health
Who You Are
You’re a collaborative professional, driven by the potential to make a meaningful impact in healthcare. The challenges of healthcare don’t deter you—instead, you see them as opportunities to find innovative solutions that benefit the partners, people, and communities we serve. Honest Health’s commitment to purpose, innovation, communities, and kindness resonates with you, inspiring you to bring commitment, creativity, and compassion into your work. You’re ready to join a team focused on reimagining primary care for a healthier future that benefits all.
Does this sound like you? If so, we should talk.
Who We Are
At Honest Health, we believe in purpose and partnership to lead the transformation in primary care. Our team of healthcare experts and clinicians collaborates with a range of stakeholders—from health systems, physician organizations, and payers to providers, practices, and patients—to deliver innovative solutions that elevate care, control costs, and support long-term health. Guided by our core values, we’re creating a value-driven model that creates lasting benefits for everyone, now and into the future.
For us, that's just an Honest day’s work.
Your Role
This director-level position will lead the development and implementation of the organization’s information security strategy to protect data, ensure regulatory compliance, and manage cybersecurity risks. The Chief Information Security Officer (CISO) role will require a leader with deep knowledge of healthcare regulations and standards such as HIPAA, HITRUST, and NIST. The role will report to the Chief Information Officer and will require the ability to be strategic in vision and practical in execution, helping Honest to continuously evolve and strengthen our security posture.
Primary Functions of the Chief Information Security Officer Include:
- Develop and continuously evaluate and evolve Honest’s information security roadmap and posture.
- Develop, implement, and monitor a comprehensive enterprise information security and risk management program, in collaboration with our Compliance team and other business partners.
- Align and prioritize actions within the cybersecurity program so that they support our organization’s objectives and goals, meet the needs of our partners, and focus on data protection, threat management, and risk mitigation.
- Ensure compliance with healthcare regulations including HIPAA, HITRUST, and other applicable standards.
- Oversee incident response planning and the investigation of any security incidents, ensuring timely reporting to the executive team and all relevant stakeholders.
- Collaborate with our business partners across the organization to integrate security best practices.
- Oversee and evaluate third-party security assessments to ensure vendor compliance with organizational security policies and industry standards.
- Collaborate with both our People and Culture and Marketing teams on security training and awareness programs for all staff to help foster a culture of security awareness.
- Provide regular reports to the executive team and board on the status of the information security program and emerging threats.
- Implement, manage and enforce information security directives as mandated by Federal and State regulations, including but not limited to the Health Insurance Portability and Accountability Act (HIPAA).
- Develop and enforce policies and procedures and provide oversight of functional areas including, but not limited to: workforce training involving confidentiality, integrity and availability of data within Honest’s electronic systems and cloud-hosted data.
- Work across the organization to ensure that the access control, disaster recovery, and business continuity needs of the organization are properly addressed.
- Conduct research on and stay current with security vulnerabilities and remediation efforts.
- Perform other related responsibilities as required.
How You Qualify
You reviewed the Who You Are section of this job posting and immediately felt the need to read on. This makes you a match for our innovative culture. You accept things change quickly in a startup environment and are willing to pivot quickly on priorities.
- Bachelor’s degree in information technology or related field of study required; Master’s degree in business or IT fields considered a plus
- 7+ years of experience in Information Technology Enterprise and Infrastructure with at least 5 years in leadership roles
- 5+ years of experience in operational delivery in a healthcare environment
- Thorough knowledge of state-of-the-art information security practices
- Thorough knowledge of technical infrastructure security components and integrated computerized rules-based systems
- Thorough knowledge of Federal and State privacy and security laws and regulations and industry best practices as they relate to healthcare information security
- Ability to manage the security of health information across a widely dispersed workforce with a variety of information mediums
- Ability to read, interpret and apply technical information and business level requirements
- Ability to analyze and resolve security problems quickly
- Ability to direct and evaluate the work of lower-level staff and vendors
- Ability to communicate effectively, both orally and in writing
- Ability to establish and maintain effective working relationships with a diverse constituency
The base pay range for this role is $162,700.00 - $191,100.00. Compensation takes into account several factors including but not limited to a candidate’s experience, education, skills, licensure and certifications, and organizational needs. Base pay is just one piece of the total rewards program offered by Honest. Eligible roles also qualify for short-term incentives and a comprehensive benefits package.
How You are Supported
Full time team members may be eligible for:
Competitive Compensation
- Attractive base salary with performance-based bonuses and rewards
- 401(k) plan with a generous company match, fully vested from day one
Comprehensive Health and Wellness Benefits
- Flexible health, dental, and vision insurance options tailored to your needs
- Company contribution towards health savings accounts (HSA) for high-deductible health plan (HDHP) participants
- 100% company-paid short-term disability, long-term disability, and life insurance
- Wellness programs and resources to support your physical and mental health
Work-Life Balance
- Generous paid time off, including vacation, sick leave, and 11 paid holidays annually
- Two paid volunteer days to support causes you're passionate about
- Flexible work arrangements to accommodate your lifestyle
Professional Development
- Robust onboarding program and ongoing training opportunities
- Reimbursement for role-related continuing education and certifications
Family-Friendly Policies
- Paid parental leave for new parents
- Dependent care flexible spending accounts
- Support for work-life integration
Collaborative and Purpose-Driven Environment
- Work alongside professionals who share your commitment to Honest's high-quality, value-based care model
- Opportunities to contribute to meaningful projects and initiatives
Additional Perks
- Team member recognition programs
- Team-building events and social activities
Join us and experience a rewarding career where your contributions are valued and your growth is supported.
Honest is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics.
Honest is committed to working with and providing reasonable accommodations to job applicants with physical or mental disabilities. Applicants with a disability who require a reasonable accommodation for any part of the application or hiring process should email talent@honest-health.com for assistance. Reasonable accommodation will be determined on a case-by-case basis.
Honest Health values a secure and transparent recruitment process. We contact candidates through our official recruiting platform, email, or text message. When working directly with candidates, Honest Health will always use an HonestHealth.com or Honest-Health.com email address. Our hiring process includes a live phone call or in-person interview before any formal offer is extended.
To safeguard your personal information, Honest Health will never ask for confidential details—such as social security numbers, bank accounts, or routing numbers—before making a formal offer. We will also never request financial transactions, PINs, passwords, or security access details through email, text, Venmo, or any social media platform.
We encourage all candidates to verify the contact information of individuals they interact with during the recruitment process. If you have any questions about the authenticity of a communication, please reach out to our team at talent@honest-health.com.