Vice President Compliance and Information Security

Connecticut Innovations • united states, united states, us • 2m ago

Are you ready to join Connecticut Innovation’s vibrant community of innovators? Connecticut Innovations (“CI”) is Connecticut’s strategic venture capital arm, and we are passionate about serving our portfolio of 220+ companies across various industries, with strengths in life sciences, technology, and climate tech.

Come join one of our quickly growing portfolio companies, NourishedRx, NourishedRx.

About NourishedRx

NourishedRx is on a mission to eradicate poor diet and nutrition insecurity as top drivers of death, disease and disparities. Founded in 2019, NourishedRx is a digital health and nutrition company that helps people live healthier lives. Leveraging the healing and connective power of food, NourishedRx partners with healthcare organizations to nourish their most vulnerable members, build healthy relationships, and support health equity.

NourishedRx is a venture-backed company that has recently completed its Series A funding round, is now seeking to expand its team. We are a passionate team of healthcare professionals, food entrepreneurs, business executives and experienced product management united by our belief that nutritious food and health education are strong determinants of good health and a life well-lived. We have successfully launched multiple programs in collaboration with major health plans nationwide.

Poor diet is the top driver of death, disease and disparities in the US, and the relationship between diet and health is worsening at an alarming rate. 90% of US adults don't get enough fruits and vegetables, 74% of Americans have overweight or obesity (more than triple the rate in 1960), 93% of US adults have poor cardiometabolic health, and 17 million US households are food insecure. These trends are heightened with racial and ethnic minority groups, contributing to health and economic disparities. Since 2019, NourishedRx has partnered with healthcare organizations to nourish their most vulnerable members, build healthy relationships, and support health equity.

Join us in revolutionizing healthcare through food.

VP of Compliance and Information Security

The Vice President of Compliance and Information Security will lead and manage the organization’s compliance and information security strategy and operations to ensure adherence to regulatory requirements, internal policies, and industry standards. This senior executive role is responsible for developing, implementing, and overseeing compliance programs including the establishment of a robust security posture and strategies to mitigate risks and promote a culture of ethical behavior and transparency.

Responsibilities:

Compliance Strategy and Leadership:

Develop and execute the company’s compliance strategy, aligning it with organizational goals and regulatory requirements.
Provide leadership and guidance to the compliance team and other departments on compliance-related matters.
Act as the primary liaison with regulatory bodies, auditors, and external compliance consultants.
Provide executive oversight for the design, development, implementation, and ongoing review of security policies, procedures, and practices.

Information Security Strategy and Leadership

Oversight of NourishedRx’s information security management system (ISMS) framework and working closely with our vCISO to ensure ongoing confidentiality, integrity, and availability (CIA) of our information security program, including but not limited to: annual penetration testing, annual risk assessment, annual BC/DR exercise, quarterly access reviews, quarterly vulnerability scanning, and remediation and resolution of security incidents.
Responsible for securing and/or maintaining NourishedRx’s ISMS annual certifications or attestations (eg SOC 2, ISO 27001, HI TRUST).
Manage the TPRA/security review and compliance assessment portions of the health plan client contracting process and annually thereafter as contractually required.

Regulatory Compliance:

Stay current with relevant laws, regulations, and industry standards; interpret their impact on the organization.
Ensure the company’s operations comply with all applicable federal, state, and local regulations.
Oversee the development and implementation of policies and procedures to ensure compliance.

Compliance Program Management:

Design, implement, and monitor compliance programs and controls to prevent and detect violations.
Conduct regular risk assessments and internal audits to identify potential compliance issues and address them proactively.
Manage compliance training and awareness programs to educate employees about regulatory requirements and ethical standards.

Reporting and Documentation:

Prepare and present compliance reports to the board of directors and executive management.
Maintain accurate and comprehensive documentation related to compliance activities and investigations.
Ensure timely and accurate reporting to regulatory agencies as required. 

Incident Response and Management

Oversee investigations of compliance inciidents and issues, including internal and external complaints.
Develop, implement and manage incident response plans and corrective action plans to address compliance violations and prevent recurrence.
Ensure timely communication and reporting of incidents to stakeholders and regulatory bodies.

Ethics and Culture:

Promote a culture of ethics and integrity throughout the organization.
Ensure that ethical considerations are integrated into business processes and decision-making.

Collaboration and Communication:

Collaborate with legal, finance, and operational teams to integrate compliance considerations into business strategies and processes.
Communicate effectively with senior management, staff, the board, and external stakeholders regarding compliance issues and initiatives.

Risk Management:

Identify and assess potential security risks and vulnerabilities across the organization.
Develop and manage risk mitigation strategies and ensure appropriate measures are in place to address identified risks.
Conduct regular risk assessments and ensure the security posture evolves with emerging threats and technologies.

Compliance and Governance:

Ensure compliance with relevant laws, regulations, and industry standards (e.g., GDPR, HIPAA, CCPA).
Lead internal and external audits to assess security controls and compliance.
Develop and manage security governance frameworks and ensure adherence to security policies and standards.

Qualifications:

Bachelor’s degree in Business, Law, Finance, or a related field; advanced degree (MBA, JD, etc.) preferred.
Proven experience (typically 10+ years) in compliance, risk management, or a related field, with at least 5 years in a leadership role.
Strong knowledge of relevant laws, regulations, and industry standards.
Excellent leadership, communication, and interpersonal skills.
Demonstrated ability to manage complex compliance issues and drive organizational change.
High level of integrity and commitment to ethical practices.
Commitment to the mission and values of NourishedRx.

Certifications (Preferred):

Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Certified Ethical Hacker (CEH)
Professional certification such as Certified Compliance & Ethics Professional (CCEP) or similar is highly desirable.

Why Join the NourishedRX Team?

Receive a competitive salary and benefits package, including medical, dental and vision.
Work alongside a venture backed mission-driven team, making a real difference in the lives of people around the world.
Partner with a leadership team with deep sector experience across healthcare, technology, food, and nutrition from Oxford, UnitedHealthcare, Solera, Optum and more.
Assist in building the ONLY platform that has been purpose-built to support socially vulnerable health plan members and patients, who have diet-related disease, obesity, and/or pregnancy.
Learn, grow, and contribute to the success of a dynamic and innovative startup company with opportunities for ownership and company growth.

EQUAL OPPORTUNITY EMPLOYER

NourishedRx is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.