Security Analyst

Notable is the leading healthcare AI platform for transforming workforce productivity. Health systems, hospitals, and payers use Notable to improve healthcare quality, close gaps in patient care, drive member enrollment, and patient acquisition, retention, and reimbursement, scaling growth without hiring more staff.

We are on a mission to improve the lives of patients, staff, and clinicians - to improve healthcare for humanity. This isn't just a lofty goal - it's something we're achieving every single day. When you join Notable, you become part of a force actively transforming healthcare. Our aim to impact 100 million patients isn't just a number; it's a commitment to creating meaningful change on a massive scale.

Therefore, our culture is purposeful in pursuit of this mission. We believe our culture gives each person the opportunity to do the best work of their lives, work with the best teammates, and have fun achieving great things together.

Role Summary:

At Notable, securing the sensitive health data our customers trust us with is critically important. As a Security Analyst, you’ll help keep our internal Information Security Management System policies and procedures up to date with the latest best practices and security standards, help drive external security audits, and interface with our customers’ information security teams. You’ll work closely with Notable’s Product Management, Engineering, Sales, Operations, and Customer Success teams to ensure that information security is embedded throughout the organization and embedded in every decision we make.

What You’ll Do:

• Update, and maintain Notable’s comprehensive ISMS policy and procedure documentation

• Assist with internal and external security audits (HITRUST, SOC 2, ISO, PCI)

• Provide guidance to Notable teams to ensure compliance with the ISMS, address risk assessments

• Assess external vendors for compliance with the ISMS

• Lead internal audits and investigations

• Complete customer infosec questionnaires and documentation requests

• Successful in a fast-paced, collaborative environment

• Experience managing security compliance projects in GCP/ AWS cloud environments

• Ability to create and administer effective security awareness training and materials (Security training, PHI handling, HIPAA training compliance)

• Experience with third party vendor management

• Business continuity planning and incident response experience

• Vulnerability management and coding processes

You’re a Great Fit if:

• You work with empathy

• You have regulated industry experience (healthcare, finance, government)

• You’re curious and don’t mind wearing a lot of hats

#LI-TD1

We value in-person collaboration and connection. For Bay Area–based employees, this role requires being in our San Mateo office at least three days a week. For remote employees, occasional travel to headquarters is expected for company-wide events and onsite gatherings.

Beware of job scam fraudsters! Our recruiters use @notablehealth.com email addresses exclusively. We do not conduct interviews via text or instant message, to purchase equipment through us, or to provide sensitive personally identifiable information such as bank account or social security numbers. If you have been contacted by someone claiming to be a recruiter from Notable from a different domain about a job offer, please report it as potential job fraud to law enforcement and contact us here.