Source Job

• Partner with organizations of all sizes and industries
• Evaluate IT and security controls for compliance and effectiveness
• Advise on security + privacy requirements (state & federal)

Clark Schaefer Hackett provides customized solutions leveraging strategic skills, financial and operational leadership, and technological advances. They are an elite community that includes trusted advisors with Clark Schaefer Hackett, Clark Schaefer Consulting, and Clark Schaefer Strategic HR.

• Manage SOC 2 Type II audits, serving as the primary point of contact for auditors and collaborators.
• Coordinate HIPAA compliance assessments, including risk analyses, policy reviews, and Business Associate Agreement (BAA) management.
• Conduct structured gap analyses against applicable frameworks to identify control deficiencies and develop prioritized remediation roadmaps.

Rad AI is transforming healthcare with AI-driven solutions, revolutionizing radiology to save time, reduce burnout, and improve patient care. They have secured over $140M in funding and recognized as a fast-growing company, fostering transparency, inclusion, and close collaboration.

• Manage the company's technology infrastructure, including cloud services, networking, and internal application stack.
• Develop and execute the long-term IT roadmap to support Zócalo Health’s rapid growth and scalability.
• Own and lead the HITRUST certification program, including control implementation, documentation, and audit readiness.

Zócalo Health is a tech-enabled, community-oriented primary care organization serving people who have historically been underserved by the healthcare system. Founded in 2021, Zócalo Health is backed by leading healthcare and mission-aligned investors and is scaling rapidly across states and populations.

• Collaborate with the engineering departments to implement security controls from approved security frameworks and drive best IT practices.
• Interface with internal partner teams to help drive best practices and compliance.
• Evaluate and perform Risk Assessments of new software solutions with internal partners.

Judi Health is an enterprise health technology company providing a comprehensive suite of solutions for employers and health plans. They consolidate all claim administration-related workflows in one scalable, secure platform and are working with clients, rebuilding trust in healthcare in the U.S.

• You will help investigate and remediate cybersecurity incidents.
• Escalate cybersecurity incidents as defined by procedure.
• Innovate and act as SME within design and architecture.

Banner Health is a large, nonprofit health care system and a leading nonprofit provider of hospital services. They are committed to using the latest technology to make health care easier, with many locations and career opportunities for employees.

• Conduct structured interviews with partner organizations, operational teams, and technical stakeholders.
• Documents end‑to‑end operational workflows and surface implicit, non‑documented practices.
• Identify workflow fragility zones, handoff risks, and transition‑period vulnerabilities.

Element serves as a partner at the intersection of innovation and our clients' needs, efficiently crafting meaningful user experiences for government and commercial customers. Our talented professionals bring unparalleled energy engagement, setting a higher standard for impactful work.

• Drive vulnerability management activities with cross-functional teams.
• Execute application security testing and lead cyber risk management efforts.
• Oversee remediation of findings from security assessments and testing.

The American Institutes for Research (AIR) is a nonpartisan, not-for-profit organization. They conduct behavioral and social science research and deliver technical assistance to address pressing challenges. They employ data-driven solutions, expanding opportunities and improving lives.

• Support CapIntel’s Governance, Risk, and Compliance program
• Manage third-party risk and customer security reviews
• Support operational security, privacy, and security awareness initiatives

CapIntel is a software platform built for wealth management enterprises to help financial advisors explain complex investment strategies to their clients. Since launching in 2019, CapIntel has seen rapid adoption and industry recognition, earning top placements in Deloitte’s Technology Fast 50 Canada and Fast 500 North America in 2025, ranking us among the fastest -growing technology companies.

• Own and evolve MHN’s enterprise security strategy aligned with business goals and healthcare regulatory requirements.
• Lead security architecture and controls within Microsoft Azure, including identity and access management, network security, encryption, logging, and monitoring.
• Develop and oversee security risk assessments, threat modeling, and vulnerability management programs.

Medical Home Network (MHN) partners with Federally Qualified Health Centers (FQHCs) nationwide to transform care in the safety net, reduce health disparities, and build healthier communities. It is a mission-driven public benefit corporation that helps FQHCs succeed in value-based care through technology, care model innovation, and strong partnerships.

• Oversee third-party and internal risk assessments to support enterprise information security and governance, risk, and compliance (GRC) initiatives.
• Manage vendor due diligence, maintains an accurate risk register, partners with internal stakeholders on mitigation strategies.
• Drive continuous improvement of the risk and compliance framework.

Concorde Career Colleges is committed to a policy of Equal Employment Opportunity and will not discriminate against an applicant or employee based on race, color, religion, religious creed, national origin, ancestry, sex, age, veteran or military status, or any other legally protected characteristic. Concorde Career Colleges offer short career-focused programs preparing students for the healthcare industry.

• Develops and refines performance methodologies that support the cybersecurity requirements.
• Oversee independent assessments and review Security Impact Analyses (SIA).
• Incorporate compliance data into the Governance, Risk, and Compliance Tool (GRCT).

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider. It is an established ISO 9001:2015 and ISO/IEC 27001:2013 certified small business and appraised at CMMI Level 3 for Services and Development.

• Lead the organization’s cybersecurity strategy, governance, and operational security programs.
• Protect company systems, networks, and data by developing security policies and managing risk.
• Oversee security operations and lead incident response efforts.

Lightcast is a global leader in labor market insights with headquarters in Moscow, ID (US) and offices in the United Kingdom, Europe, and India. They drive economic prosperity and mobility by providing insights to build and develop people, institutions, companies, and communities.

• Manage and develop staff members under Product Compliance.
• Oversee and contribute to the vulnerability management lifecycle.
• Assess and serve as a subject matter expert for regulatory and compliance requirements.

ExtraHop is a company that focuses on network detection and response (NDR) to help organizations stay ahead of emerging threats. They integrate network threat detection, network performance management, intrusion detection, and packet forensics into a single console.

• Assist in the preparation and execution of third-party audits and assessments.
• Support the development and maintenance of Eltropy’s GRC program.
• Conduct and manage vendor security assessments, maintain risk tracking, and ensure third-party compliance.

Eltropy is a FinTech company aiming to transform financial service access. They provide an AI-enabled digital conversations platform for community financial institutions to enhance operations, engagement, and productivity.

• Own enterprise security, cloud, and application security, and corporate IT.
• Lead security engineering, security operations, and corporate IT.
• Partner closely with Engineering, Platform, and Operations to embed security and reliability into how Redox builds and runs software.

Redox aims to accelerate healthcare’s transformation with useful data. Redox Engine connects and powers real-time healthcare data exchange across a network of 12,000+ systems and organizations.

• Provide expert-level cybersecurity support across cloud and enterprise computing environments.
• Evaluate security requirements, identify vulnerabilities, and recommend mitigation strategies.
• Weigh business needs against cybersecurity risks and communicate security implications.

JHNA, CTSI, and EXPANSIA have come together to form a Defense Technology platform focused on delivering high-impact technologies and technology-enabled services to the U.S. Department of Defense. The organization operates as a multi-entity aerospace and defense technology, tech-enabled services, and manufacturing enterprise positioned for scalable growth and long-term value creation.

• Lead audit readiness and execution for SOC 2, ISO 27001, PCI DSS, and other compliance frameworks relevant to our customer base
• Manage the compliance lifecycle in a compliance platfom (such as Vanta, Drata etc) including evidence collection, control mapping, and continuous monitoring
• Coordinate cross-functional audit activities with engineering, product, security, infrastructure, and support teams to gather evidence and remediate findings

Supabase is a born-remote and open-source-first company that provides tools developers love. They have 180+ team members across 40+ countries, and deeply believe in the open-source ecosystem and strive to support existing tools and communities.

• Manage and influence both physical and cyber security risk.
• Support the development and execution of the information security strategy.
• Oversee day-to-day security operations including monitoring and incident response.

Jobgether uses an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Their system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company.