Aunt Bertha’s mission is to connect all people in need with the programs that serve them (with dignity and ease).
People looking for help should be able to find it in seconds. Aunt Bertha picks up where Uncle Sam leaves off by making it easy to find and apply for government and charitable social service programs. By organizing the country's human service program information, we make it easy for people in need and the people who help them to find help in seconds on www.auntbertha.com. We are a venture-backed company, most recently being supported by Techstars Ventures in May 2016.
We are looking for people who are driven to make the world a drastically better place (and get paid to do so) and want to join our small group of thoughtful, committed citizens because they believe, as Margaret Mead said, "Never doubt that a small group of thoughtful, committed citizens can change the world; indeed, it's the only thing that ever has."
What We Need Your Help Doing:
As a software company working with healthcare, health insurance, government, education and large non-profit companies, we have a lot of compliance and risk management to adhere to. The Compliance Director will continue to lead and influence our existing overall risk management and compliance adherence.
Here is a bit about what you will own:
- Internally, you will (a) protect our data and assets, (b) monitor, audit and alert operations of risk and issues, and (c) keep our policies, procedures and documentation current.
- Externally, you will (a) maintain proper certifications and compliance, (b) provide accurate information to prospects and customers, and (c) maintain our communication with legal, privacy and compliance stakeholders.
- Support the execution and oversight of existing strong systems and processes for internal risk management, ensuring leadership teams are making the best informed business decisions and implementing risk mitigation strategies.
- Have responsibility to continue our compliance with all privacy and confidentiality laws including the Health Insurance Portability & Accountability Act (“HIPAA”).
What You Get:
1) Compensation: This is a full-time position compensated with a salary.
2) Benefits: We offer a full benefits package, including:
- Healthcare, dental, and vision for employees and their families / dependents (including FSA and HSA)
- Paid time off that increases at your 1-year mark
- Short and long-term disability
- Life insurance
- Commuter benefits
- You get to work in Austin. We think this place is pretty awesome.
3) Meaningful Work: We believe life is too short to work on things you don’t believe passionately in. What you work hard on every day will allow people to find the help they need and lead better lives. That’s no small thing. And given that you are applying for this job we know you care about building things that have impact on people's lives at scale. We are a certified B Corp, meaning rigorous standards of social and environmental performance, accountability, and transparency are written into our corporate charter.
Skills and responsibilities
- Oversee continued improvement of the Aunt Bertha compliance programs;
- Oversee existing and new written policies and procedures related to the compliance program;
- Oversee day to day operations of the compliance processes and activities including the coordination of our monthly and quarterly compliance committee meetings;
- Ensure that compliance reports are reviewed by management on an ongoing basis;
- Continue educational sessions and training on various compliance and privacy topics to all levels of the organization including but not limited to new employee training, recurring training for current employees and specialized training as needed;
- Keep abreast of changes in laws and regulations impacting our operations;
- Oversee continuation and implementation of audits and other monitoring to identify instances of violation of the compliance program, policies or procedures and other laws and regulations;
- Coordinate with all areas of the organization to organize and operate a system of discipline for violations of the compliance program, policies or procedures or applicable laws or regulations;
- Coordinate with other areas of the organization to continue risk management (internal and external);
- Oversee our compliance with HIPAA and confidentiality laws, including (1) HIPAA Privacy, Security and Breach Notification policies, (2) investigation, documentation and notification of HIPAA breaches as required by the HIPAA Breach Notification Rule, (3) coordination with all departments on HIPAA Security issues, including required administrative, technical and procedural safeguards; and
- Maintain HITRUST Certification.
- Strong desire to use your job and mind to make the world a better place for people in need;
- Certifications desired (though not required) include certifications in healthcare compliance, certifications in privacy compliance, and other industry certifications: e.g. CHC, CHPC, CCEP, CISSP;
- Technical competencies desired include understanding of network security technologies such as switches, firewalls, NAT, WAF, VPN, TLS and RADIUS; experience with PKI and directory services for authentication; system hardening and patch management; understanding of technologies involved with business continuity such as system imaging, backups and server clustering;
- Experience with configuring and monitoring tools including: SIEM systems, IDS/IPS, network and vulnerability scanning/penetration tools, MDM;
- Additional system knowledge desired: Sophos, Google Suite Administration, RackFoundry, JumpCloud, Automox, Google Cloud;
- Experience collaborating with highest levels of engineering, product and partnerships;
- Intrinsically motivated, results-oriented, and able to work autonomously to achieve goals;
- Located in, or willingness to relocate to, Austin, TX.