Customized fertility benefits for the modern company

Information Security Officer

Carrot
----
Carrot is reinventing what fertility coverage means, who has access to it, when, and how. Our mission: fertility care for all.

Carrot makes it easy and affordable for companies to implement a world-class fertility program for employees regardless of age, sex, sexual orientation, gender identity or marital status. Carrot supports all valid fertility care such as fertility testing, fertility preservation, in-vitro fertilization (IVF), adoption, and more.

Companies love Carrot because it’s simple, predictable and improves health outcomes. Members get a data-driven, personalized product experience that meets them wherever they are, and moves them through each achievement with as little time and stress as possible.

Carrot is a fast-paced startup that values employees who craft pragmatic solutions based on the current environment, thrive in ambiguous situations, and take ownership and accountability of their work. Our promise to you is to increase your career growth as you help us grow as a company.


Your role
----
As our first Information Security Officer, you will be the subject matter expert for all security and compliance matters at Carrot. You will ensure that Carrot is meeting security commitments to our customers by implementing and maintaining policies and procedures to adhere to industry-standard security and compliance frameworks. This is a chance to make an incredible impact, as you’ll be responsible for protecting the highly-sensitive fertility and family forming information of our members.


Responsibilities
----
Oversee the maintenance and continual improvement of Carrot security policies and procedures

Be the security point person during the sales process, resolving customer requests and completing security questionnaires in as timely a manner as possible

Run project management for implementing and maintaining security and compliance frameworks (e.g. SOC 2, HIPAA, GDPR, CCPA)

Organize and run internal and external security audits and reviews

Run risk assessments and follow up on key findings to reduce risk in the Carrot organization

Coordinate vulnerability scanning and penetration testing of Carrot systems

Ensure any new or existing third parties (e.g. vendors, auditors, contractors) meet necessary security requirements

Collaborate with other organizations (e.g. IT, Legal, Customer Success) to ensure we are meeting the needs of the Carrot workforce, customer obligations, and regulatory requirements


Preferred experience
----
Experience building and maintaining security policies and procedures for a company

Experience running risk assessments

Experience with security and compliance frameworks (e.g. SOC 2, HIPAA, GDPR, CCPA)

Experience in analyzing and resolving cloud security vulnerabilities and risks

Proven ability to communicate and work with customers as well as internal stakeholders
