Hi, we're Oscar. Were hiring a Associate Director, Privacy & Compliance Engineering to join our Security team in our New York office.
Oscar is a technology-driven, consumer-focused health insurance startup founded in 2012 & headquartered in New York City. Our goal is to make health insurance simple, transparent, & human. We need your help to do so.
About the role:
Oscar's business depends on efficient compliance with various industry & government regulations, as well as privacy & security of our customers & partners data. We believe that with our already strong controls & processes it should be possible to make engaging with various auditors & regulators easy by dedicating attention to organizing & automating our audit evidence collection, sorting, & retention. We also want to ensure that our systems are putting security, compliance & privacy front & center, making our stack secure, privacy conscious, & compliant by design.
We are looking for an engineering leader who will build & lead a team of security software engineers to build our Privacy & Compliance Engineering function within the security team from the ground up.
You will report into the Senior Director, Security Engineering.
In this role you will:
- Be the technical lead & people manager for the Privacy & Compliance Engineering team
- Define & execute the teams roadmap, ensuring the right goals for the team are established, & that they are met at the right time
- Mentor your engineers & upscale their skills via code reviews & guidance in their code development tasks
- Roll up your sleeves when necessary & join the team to deliver great solutions
- Collect many stories of how different teams operate in their environment, while looking for ways to make the work aligned with compliance, security, & privacy requirements facilitate gathering of the evidence that will be presented to auditors
- Find ways to automate information gathering & remove manual dependencies as much as possible
- Participate in calls with various regulators & auditors, while representing the company.
The following is a sample list of tasks we oversee:
- Collect SOC1 & SOC2 reports for various vendors
- Collect & analyze various recommendations for SOC1, SOC2, & SOX compliance & make sure those recommendations are implemented across the organization in a timely manner
- Interview various teams to map & document their process
- Write scripts & software to process data & collect evidence
- Work with product managers to suggest quick wins that can be incorporated into roadmaps
- Help identify vendors & SAAS solutions that can be integrated into our flow & lead the integration activities
- Contribute across other parts of the Security organization
- You have 8+ years of software/security engineering experience
- You have 2+ years of management experience
- You collaborate & communicate effectively with a broad spectrum of stakeholders, including technical & non-technical audiences.
- Familiar with successful models bridging Engineering & Security priorities
- Hands on experience in at least one modern programming language (strong preference to Python or Go)
- Previous work experience in a highly regulated industry, including direct interaction with internal & external auditors
Life at Oscar:
At Oscar, being an Equal Opportunity Employer means more than upholding discrimination-free hiring practices. It means that we cultivate an environment where people can be their most authentic selves & find both belonging & support. We're on a mission to change health care -- an experience made whole by our unique backgrounds & perspectives.
We encourage our members to care for their whole selves, & we encourage our employees to do the same with comprehensive medical benefits, generous paid-time off, paid parental leave, retirement plans, company social events, stocked kitchens, wellness programs, & volunteer opportunities.
Oscar applicants are considered solely based on their qualifications, without regard to applicants disability or need for accommodation. Any Oscar applicant who requires reasonable accommodations during the application process should contact the Oscar Benefits Team (email@example.com) to make the need for an accommodation known.
Pay Transparency Policy:
Oscar ensures that you won't be discharged or discriminated against based on whether you've inquired about, discussed, or disclosed your pay. Read the full policy here.