If you are a Techstars portfolio companyclaim your profile.

Director of Information Security



San Francisco, CA, USA
Posted on Thursday, July 11, 2024
Our Mission: Make healthcare #1 in customer service.
What We Deliver: Artera (formerly WELL Health®) is the patient communication platform that delivers happier staff, healthier patients, and more profitable organizations. We enable two-way conversations between patients and their healthcare teams through secure, multilingual messaging across multiple channels – including text, email, and telephone. By unifying disjointed touchpoints into a single, intuitive channel, Artera fuels connected patient experiences and empowers organizations to deliver the best customer service imaginable.
Our Impact: Artera helps 500+ healthcare providers facilitate more than 1 billion messages for 40+ million patients annually.
Our award-winning culture: Since founding in 2015, Artera has consistently been recognized for its innovative technology, business growth, and named a top place to work. Examples of these accolades include: Inc. 5000 Fastest Growing Private Companies (2020, 2021, 2022, 2023); Deloitte Technology Fast 500 (2021, 2022, 2023); Built In Best Companies to Work For (2021, 2022, 2023, 2024). Artera has also been recognized by Forbes as one of “America’s Best Startup Employers,” Newsweek as one of the “World’s Best Digital Health Companies,” and named one of the top “44 Startups to Bet your Career on in 2024” by Business Insider.
Artera is looking for a Director of Information Security to lead our company-wide information security program. You will be responsible for the strategic direction and management of the security operations that keep our company’s and our customers’ data safe. You will learn our control frameworks and manage controls across each domain of the program. You are excited about being involved in all facets of security, and you have a passion for keeping data safe.
You have strong organizational skills and work well across departments. You are able to manage a diverse team while also directing large initiatives such as SOC, ISO, and HITRUST audits. You can quickly operationalize security requirements and identify and mitigate diverse risks for the company. You have the ability to develop, implement, and execute on processes in a fast-paced environment.
This position is an exciting opportunity if you are looking to be at the forefront of healthcare technology and are passionate about security.


  • Strategic direction and oversight of the Security team
  • Ensure relevant compliance requirements for frameworks including HITRUST, HIPAA, ISO 27001, ISO 27017, ISO 27018, and SOC 2 Type 2 are met
  • Own and project manage security requirements for large-scale initiatives
  • Advise and consult with stakeholders with FedRAMP Authorization
  • Maintain and improve security / technology-related policies, procedures, and standards that address security requirements related to strategies, regulations, and business & technology risks
  • Perform information security control reviews and assessments across technology and business teams
  • Provide counsel on security-related topics and help drive complex projects across the organization with imperfect information and ambiguity
  • Identify, quantify, track, and manage mitigation of security risks and control exceptions across Artera’s security domains
  • Participate in security-related meetings with clients
  • Respond to RFPs and security questionnaires
  • Respond to, and lead, security-related incidents


  • A Bachelor's degree in Information Security, Computer Science, Management Information Systems, Computer Information Systems, or a related discipline *additional experience also accepted in lieu of a degree
  • 8+ years of experience in one or all of the following: Information technology security programs, audits, assessments, risk, or remediation management work experience
  • Working knowledge of implementing security requirements for FedRAMP Authorization - specifically FedRAMP Moderate or High
  • Relevant security certifications (CISSP, CISM, CISA, etc.)
  • Excellent communication skills and an ability to collaborate across diverse teams
  • Good problem-analysis, problem-solving, and judgment skills
  • Strong project management skills


  • Direct experience with NIST 800-53, PCI DSS, SSAE 18 and/or other risk-centric standards and frameworks
  • Internal or external IT audit experience
  • Experience with cloud based infrastructure security principles
  • Experience working with distributed teams
  • SaaS experience
  • Healthcare experience
Artera values in-person collaboration and is currently hiring in the following US cities: Santa Barbara, Los Angeles, San Francisco/Bay Area, Kansas City, and Philadelphia (Wayne).
Artera HQ is in Santa Barbara, CA, and we have an additional US office located in Philadelphia (Wayne), PA. If you live in the Santa Barbara or Philadelphia area, your role will be hybrid and you will be required to work out of your designated office location 3 days a week, unless otherwise noted in the job requirements.
If you live in Los Angeles, San Francisco/Bay Area, or Kansas City, your role will be remote to start. As our team continues to grow in these cities, Artera will be considering opening offices in these locations. Once that happens, you will be required to work out of your designated office location 3 days a week, unless otherwise noted in the job requirements.
Company benefits - Full health benefits (medical, dental, and vision), flexible spending accounts, company paid life insurance, company paid short-term & long-term disability, company equity, voluntary benefits, 401(k) and more!
Career development - Manager development cohorts, employee development funds
Generous time off - Company holidays, Winter & Summer break, and flexible time off
Employee Resource Groups (ERGs) - We believe that everyone should belong at their workplace. Our ERGs are available for identifying employees or allies to join.
Committed to Diversity, Equity, and Inclusion
Artera is an Equal Opportunity Employer and is committed to fair and equitable hiring practices. All hiring decisions at Artera are based on strategic business needs, job requirements and individual qualifications. All candidates are considered without regard to race, color, religion, gender, sexuality, national origin, age, disability, genetics or any other protected status.
With that said, research shows that women and other underrepresented groups apply only if they meet 100% of the criteria. Artera is committed to leveling the playing field, and we encourage you to apply for positions even if you do not meet 100% of the criteria. We would love to connect with you and see if you would be a great fit for our role!
We’re dedicated to creating an inclusive, equitable, and diverse workplace, where everyone feels safe to be themselves and diversity is a strength. Artera is committed to providing employees with a work environment free of discrimination and harassment; Artera will not tolerate discrimination or harassment of any kind.
Artera values your privacy. By submitting your application, you consent to the processing of your personal information provided in conjunction with your application. For more information please refer to our Privacy Policy.