Head of Data Security
At Nayya, we believe there’s a better way to choose benefits. A more transparent, less confusing way for employees to control their health and financial potential. Powered by billions of data points and machine learning, our benefits experience platform delivers personalized decision support and guidance during open enrollment, new employee onboarding, qualifying life events, and in the moments that matter all year round. This is one of the most stressful and challenging situations consumers face – and we see that as an opportunity to build an innovative response that can help millions of Americans possess the control and understanding they deserve.
As the Head of Data Security, you will own Nayya’s information security and privacy program. You will be a vital resource to the leadership team, designing and executing cross-functional security initiatives throughout the organization and enabling Nayya to better prevent, detect, and respond to real-world threats. Additionally, you will evolve Nayya’s compliance position and align efforts with industry recognized frameworks and regulations.
- Own the vision and direction of Nayya’s information security and privacy program
- Strategically evolve Nayya’s governance, risk, and compliance practices
- Identify and seize opportunities to reinforce the overall security posture of Nayya’s products
- Monitor the security of Nayya’s security infrastructure through reporting tools and ensuring alignment with key access controls
- Lead and facilitate effective cross-functional collaboration on key security initiatives throughout the organization
- Execute audit and certification programs such as SOC2 and HiTrust
- Support the sales team as a subject matter expert on matters related to Cybersecurity
- Hire talented security engineers or contract staff and facilitate the professional growth of the team, as the company scales
- 7+ years of Information Security experience, with at least 2 years in a leadership position
- Proficiency with common security and privacy frameworks (e.g. SOC 2, HIPAA, HiTrust, CCPA)
- Proven ability to develop and oversee an organization-wide security and privacy program
- Experience managing a team of security engineers in a fast-paced environment
- Excellent communication skills
- Strong knowledge of security engineering principles, networking concepts, identity, access control, applied cryptography, and secure Devops architecture
- Experience with AWS cloud security tool suite, and secure cloud architecture
- CISSP or similar certification is a plus!
The salary range for New York based candidates for this role is $150,000- $195,000. We use a location factor to adjust this range for candidates that are located outside of geographic region of our New York office. Placement within the salary band is determined based on experience.
#LI-HYBRID (if NY)
Why Join Nayya?
- Be an early employee of a quickly growing, VC-backed start-up - grow with us!
- Have a meaningful impact on a platform that is scaling very rapidly
- Contribute to a values-based culture with an emphasis on empowerment and autonomy
- Work in a highly collaborative, cross-functional environment
- Benefits include: Competitive pay, employer-paid healthcare, stock options
Nayya is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics