At GoodRx, we believe that all Americans should have access to convenient and affordable healthcare. As a nation, we spend about $3.5 trillion annually on our healthcare, but too many Americans struggle to get the care they need, and prices just keep rising. Our marketplaces for prescription medicines and telehealth have helped Americans save $25 billion since 2011. GoodRx is a public company; we're based in Santa Monica with additional offices around the country. We're a low-key and tight-knit group that likes to find new ways to fix big problems. If you share our belief that you can do well by doing good, let's talk.
We’re committed to growing and empowering a more inclusive community within our company and industry. That’s why we hire and cultivate diverse teams of the best and brightest from all backgrounds, experiences, and perspectives. We believe that true innovation happens when everyone has room at the table and the tools, resources, and opportunity to excel.
About the Role:
GoodRx is looking for a Director of Security Operations to help keep information safe and eliminate risks across our system and products. This individual will collaborate with GoodRx’s VP of Security and Compliance to help drive and ensure the overall security of GoodRx information and assets. The Director of Security Operations will be technically savvy with a proven track record, a strong multitasker and be constantly one step ahead of the curve to help keep the organization and our customers safe and secure.
- Leadership and management of the Security Engineering and Data Security Teams including attracting, hiring, developing, and retaining team personnel, workload assignment, and process development
- Define, scope and drive security initiatives to ensure we can continue to secure all important and sensitive data across our rapidly growing organization
- Take ownership and lead the expansion of the GoodRx Security Operations Center (SOC)
- Identify applications, process changes and or tooling that can be used by GoodRx engineers to make their jobs easier and help further embed security into GoodRx’s software development lifecycle (SDLC)
- Create, test and lead the incident response program by involving all pertinent internal and external stakeholders
- Work closely with our Legal and Compliance teams to help assist in risk assessments and implement security controls when needed
- Assist in defining and delivering on team OKRs
Skills & Qualifications:
- Strength in leading and managing teams of dedicated security professionals working in a complex organization with a high growth rate
- 10 plus years’ experience in the field of Information Security
- 5 plus years’ experience with securing cloud environments
- Experience building out comprehensive security programs in areas such as Vendor Security Assessments, Penetration Testing, Risk Management, Vulnerability Management, Security Monitoring (SOC/SIEM), Incident Response, Identity Access Management and Security Awareness Training
- Experience complying with various security standards, compliance frameworks and best practices. (HIPAA, HITRUST, SOX, CCPA, PCI, NIST, CSA, ISO)
- Experience with container-based infrastructure is a plus
- CISSP, CISA, CEH, OSCP, or other industry recognized security certification(s) are preferred
GoodRx is America's healthcare marketplace. The company offers the most comprehensive and accurate resource for affordable prescription medications in the U.S., gathering pricing information from thousands of pharmacies coast to coast, as well as a telehealth marketplace for online doctor visits and lab tests. Since 2011, Americans with and without health insurance have saved $25 billion using GoodRx and 15 million consumers visit goodrx.com each month to find discounts and information related to their healthcare. GoodRx is the #1 most downloaded medical app on the iOS and Android app stores. For more information, visit www.goodrx.com.
Read Full Job Description