Director of Information Security at Sana Benefits

Sana Benefits

Director of Information Security


Our health system is broken, and it’s a huge problem. Costs are rising out of control while the patient experience gets worse. At Sana, we’re passionate about fixing this problem by bringing accessible and affordable health plans to small and medium businesses. We’ve built an innovative team with top talent from across the health insurance and tech industries to create engaging, modern plans for our clients. This allows our customers to offer competitive benefits packages while paying an average of 20% less than traditional plans.

To do this, we have built a new kind of health plan from scratch for employers and their employees. Our customers can offer rich benefits to attract and retain top talent while paying less than traditional plans. Sana uses proprietary technology to cut out waste and a novel financing structure that gives companies money back when claims are low, saving up to 20% on total costs.

Sana is looking for a Director of Information Security to join our small but growing team. As a successful candidate, you will lead our security initiatives, build and lead a team to secure Sana’s infrastructure against threats, investigate suspicious activity, oversee threat detection, response and remediation. You will be responsible for evaluating, setting, and communicating Sana’s security policies across multiple departments within Sana, consistently applying logic, processes, and best practices to recommend security solutions that balance business needs against security risks. Your daily responsibilities will include working cross-functionally to ensure our cloud environment and sensitive data is secure while staying on top of the latest security techniques and implementation. We are building a distributed engineering team and encourage all applicants to apply, regardless of location.

What you will do

  • Architect, design, implement, maintain and operate information system security controls and countermeasures
  • Analyze and recommend security controls and procedures and provide oversight to ensure compliance
  • Recruit and hire a world-class team of security professionals that will be responsible for implementing your security vision and structure
  • This role drives compliance by bridging the gap between business units and IT
  • Monitor systems for vulnerabilities and potential incidents
  • Responsible for company-wide development and administration of information security training and awareness programs, including onboarding training for new employees.
  • Responsible for solutions to maintain integrity and security of sensitive personal data such as PII and PHI in accordance with HIPAA best practices
  • Ensure current development practices and 3rd party software usage remains compliant with HIPAA standards and best practices

About you

  • Minimum of 5 years relevant, hands-on professional experience
  • Experienced mentor and effective communicator of complex ideas and topics
  • Capable of evaluating and recommending actions based on the balance company and security needs
  • Experience evaluating security vendors and consultants with an eye on creatively solving near term security needs against longer term vision and sustainable solution.
  • Experience with PEN testing techniques, threat assessment, and incident response
  • Experience working with complicated systems at scale
  • Possess knowledge of common information security and privacy frameworks, such as HIPAA, SOC 2, PCI, etc

Nice to have

  • Have worked in regulated industry such as healthcare
  • Experience leading or working closely with IT organization aligning company security initiatives with IT support and responsibilities

Techs we use

  • AWS
  • Redshift
  • Postgres
  • Mode
  • Rails
  • React
  • Docker
  • Elasticsearch
  • Git


  • Competitive salary
  • Stock options in rapidly scaling startup
  • Flexible vacation
  • Medical, dental, and vision Insurance
  • 401(k) and HSA plans
  • Parental leave
  • Remote worker stipend
  • Wellness program
  • Opportunity for career growth
  • Dynamic start-up environment

About Sana

Sana is a modern health plan solution for small and medium businesses. We use a more efficient financing structure and integrated technology solutions to cut out wasteful spending and get members access to better quality care at lower cost. Founded in 2017, we are an experienced team of engineers, designers and health system operators. We have the financial backing of Silicon Valley venture firms and innovative reinsurance partners. If you are excited about building something new and being a part of fixing our broken healthcare system from the inside, please reach out!

See all IT Jobs >

Sign up for Daily Remote Job Alerts!

Want Access to 25,000+ More Remote and Flexible Jobs?

More Jobs

More Jobs

Part-time to full-time,
freelance to employee

More Career Fields

More Career Fields

50+ flexible
job categories

More Resources

More Resources

Q&A's, webinars,
career coaching & more

Learn More About Our Premium Service