Information Security Manager
Company: Habitat Health
Location: San Francisco
Posted on: February 18, 2026
|
|
|
Job Description:
Job Description Job Description At Habitat Health, we envision a
world where older adults experience an independent and joyful aging
journey in the comfort of their homes, enabled by access to
comprehensive health care. Habitat Health provides personalized,
coordinated clinical and social care as well as health plan
coverage through the Program of All-Inclusive Care for the Elderly
("PACE") in collaboration with our leading healthcare partners,
including Kaiser Permanente. Habitat Health offers a fully
integrated experience that brings more good days and a sense of
belonging to participants and their caregivers. We build engaged,
fulfilled care teams to deliver personalized care in our centers
and in the home. And we support our partners with scalable
solutions to meet the health care needs and costs of aging
populations. Habitat Health is growing, and we're looking for new
team members who wish to join our mission of redefining aging in
place. To learn more, visit https://www.habitathealth.com. Role
Scope : We are looking for a qualified, hands-on Information
Security Manager to design, implement, and operate the information
security program for our growing healthcare organization operating
under the PACE model. This role blends strategic security
leadership with practical execution. The ideal candidate can
translate high regulatory and partner security standards into
right-sized, pragmatic controls, while building sustainable
governance, oversight, and audit processes. Deploy HIPAA aligned
best practice security architecture across our Microsoft 365
environment and Meraki based WAN. Define, implement, and maintain
administrative, technical, and physical security controls
appropriate for a PACE organization Own security design decisions
and control selection, balancing risk, regulatory requirements, and
operational realities Security monitoring and incident response:
configure and monitor tools, logs, and alerts, analyze activity,
and investigate potential security incidents Serve as primary
security escalation point for internal teams and external partners
Lead incident response planning, tabletop exercises, post-incident
reviews, and remediation tracking Perform vulnerability management
activities, based on internal and external scans, and coordinate
remediation activities Maintain an enterprise security risk
register, including risk scoring, mitigation plans, and
executive-level reporting Support business continuity and disaster
recovery security requirements in partnership with IT and
Operations Lead Access and Identify management, developing best
practice procedures, and enabling others to work within these
processes Oversee privileged access, role-based access controls,
joiner/mover/leaver processes, and periodic access reviews Ensure
appropriate data protection controls for PHI, including encryption,
logging, and monitoring Draft, maintain, and enforce security
policies, standards, and procedures aligned to HIPAA, NIST, and
partner requirement Design and operate recurring security oversight
and audit processes, including evidence collection and remediation
tracking Lead and coordinate internal and external security audits,
assessments, and partner security reviews Establish and manage a
third-party security and risk management program, including vendor
risk assessments and ongoing monitoring Partner closely with IT,
Compliance, Legal, Clinical, and Operations teams to embed security
into daily workflows. Qualifications: Bachelor's degree in Computer
Science with an emphasis on Information Security, or equivalent
experience 7 years of progressive experience in information
security or cybersecurity roles, including hands-on implementation
3–5 years of experience owning or leading security programs,
controls, or governance functions including hands?on experience in
implementing information security best practices, and experience
with security monitoring, incident response, or vulnerability
management. Practical experience in a Health Care organization, and
expertise in industry regulatory and standards frameworks (HIPAA,
NIST, etc) Experience in cloud based environments, specifically
Microsoft 365. Experience in networking concepts, operating
systems, and cloud environments Familiarity with regulatory and
standards frameworks (HIPAA, NIST, etc.). Strong analytical and
problem?solving skills with attention to detail. Ability to lead
through influence. Ability to communicate complex issues clearly to
technical and non?technical audiences. Ability to travel up to 2
weeks per quarter. Nice to haves Experience in a start up
organization. Experience supporting audits, partner security
assessments, or SOC/HIPAA readiness efforts. Experience in creating
technology solutions based on business requirements Experience
working remotely – this is a remote position. Professional
certifications such as CISSP, CISM, CISA, or Security (preferred,
not required) A strong connection to the mission of our business
Experience working with technology managed service providers
Compensation: We take into account an individual's qualifications,
skillset, and experience in determining final salary. This role is
eligible for medical/dental/vision insurance, paid parental leave
(birthing and non-birthing parents), short and long-term
disability, life insurance, flexible spending accounts, 401(k)
savings, paid time off, and company-paid holidays. The expected
salary range for this position is $133,000 - $157,000. The actual
offer will be at the company's sole discretion and determined by
relevant business considerations, including the final candidate's
qualifications, years of experience, skillset, and geographic
location. Vaccination Policy, including COVID-19 At Habitat Health,
we aim to provide safe and high-quality care to our participants.
To achieve this, please note that we have vaccination policies to
keep both our team members and participants safe. For covid and
flu, we require either proof of vaccination or declination form and
required masking while in participant locations as a safe as and
essential requirement of this role. Requests for reasonable
accommodations due to an applicant's disability or sincerely held
religious beliefs will be considered and may be granted based upon
review. We also require that team members adhere to all infection
control, PPE standards and vaccination requirements related to
specific roles and locations as a condition of employment. Our
Commitment to Diversity, Equity, and Inclusion : Habitat Health is
an Equal Opportunity employer and is committed to creating a
diverse and inclusive workplace. Habitat Health applicants are
considered solely based on their qualifications, without regard to
race, color, religion, creed, sex, gender (including pregnancy,
childbirth, breastfeeding or related medical conditions), gender
identity, gender expression, sexual orientation, marital status,
military or veteran status, age, national origin, ancestry,
citizenship, physical or mental disability, medical condition,
genetic information or characteristics (or those of a family
member), or other status protected by applicable law. Habitat
Health is committed to the full inclusion of all qualified
individuals. In keeping with our commitment, Habitat Health will
take steps to provide people with disabilities and sincerely held
religious beliefs with reasonable accommodations in accordance with
applicable law. Accordingly, if you require a reasonable
accommodation to fully participate in the job application or
interview process, to perform the essential functions of the
position, and/or to receive all other benefits and privileges of
employment, please contact us at careers@habitathealth.com. Beware
of Scams and Fraud Please ensure your application is being
submitted through a Habitat Health sponsored site only. Our emails
will come from @habitathealth.com email addresses. If you feel that
you have been the victim of a scam such as this, please report the
incident to the Federal Trade Commission by selecting the 'Rip-offs
and Imposter Scams' option: https://reportfraud.ftc.gov//.
Keywords: Habitat Health, San Jose , Information Security Manager, IT / Software / Systems , San Francisco, California
