Security & Compliance Partner

PurposeMed·Remote(Canada)
Legal & Compliance
Adjust

WFA Digital Insight

As the demand for digital healthcare services grows, cybersecurity risks are becoming increasingly prevalent. With a 25% increase in healthcare cyberattacks in 2025, companies like PurposeMed are seeking skilled Security & Compliance Partners to protect sensitive patient data. This role stands out for its focus on proactive security measures and collaboration with cross-functional teams. Candidates should be well-versed in cloud security, compliance, and risk management, with a passion for improving patient outcomes. Before applying, consider your experience in managing security incidents and implementing preventative controls.

Job Description

About the Role

The Security & Compliance Partner will play a vital role in shaping the security landscape at PurposeMed, a fast-scaling virtual healthcare platform. As a trusted partner to leaders across the business, this individual will bring rigor and clarity to protecting patients, people, and systems. Reporting into the Senior Manager, IT & Security, this role will collaborate closely with Engineering, Product, Legal, and Marketing teams to identify real risks, close meaningful gaps, and embed security thinking into operations. PurposeMed is committed to improving access to complex care for underserved communities, and this role will directly support that mission. The ideal candidate will be energized by meaningful problems, thrive in ambiguous environments, and be passionate about making a positive impact on patient outcomes. As a key member of the IT & Security team, the Security & Compliance Partner will contribute to the development of a comprehensive security program, ensuring the confidentiality, integrity, and availability of sensitive data.

What You Will Do

  • Own security monitoring and incident detection across cloud infrastructure and SaaS tooling
  • Lead the response to security incidents, from initial containment to follow-up and lessons learned
  • Embed security thinking into cross-functional teams, including Product, Design, and Engineering
  • Collaborate with Marketing to ensure data collection, consent practices, and ad-tech responsibilities meet internal standards and regulatory obligations
  • Implement and continuously improve preventative security controls, such as MFA, access management, logging, and endpoint protection
  • Conduct vulnerability and risk assessments to identify potential security gaps
  • Contribute to compliance initiatives, including penetration testing and security audits
  • Develop and maintain security policies, procedures, and standards
  • Provide security training and awareness programs for employees

What We Are Looking For

  • 5+ years of experience in IT security, compliance, or a related field
  • Strong understanding of cloud security, including AWS or Azure
  • Experience with security frameworks, such as NIST or ISO 27001
  • Knowledge of compliance regulations, including HIPAA and PIPEDA
  • Excellent analytical and problem-solving skills
  • Ability to communicate complex security concepts to non-technical stakeholders
  • Experience with security incident response and management
  • Strong collaboration and teamwork skills

Nice to Have

  • Experience with AI-powered security tools
  • Certification in a security framework, such as CISSP or CISM
  • Knowledge of Canadian healthcare regulations and standards

Benefits and Perks

  • Competitive salary and benefits package
  • Opportunity to work with a fast-scaling virtual healthcare platform
  • Collaborative and dynamic work environment
  • Professional development and growth opportunities
  • Flexible remote work arrangements
  • Access to cutting-edge security tools and technologies
  • Recognition and reward for outstanding performance

How to Stand Out

  • Develop a strong understanding of cloud security and compliance regulations, including HIPAA and PIPEDA, to increase your chances of standing out in the application process.
  • Showcase your experience with security incident response and management, highlighting your ability to contain and mitigate security threats.
  • Create a portfolio that demonstrates your knowledge of security frameworks, such as NIST or ISO 27001, and your ability to implement preventative security controls.
  • Be prepared to discuss your experience with cross-functional teams, including Product, Design, and Engineering, and your ability to communicate complex security concepts to non-technical stakeholders.
  • Research PurposeMed's mission and values, and be prepared to explain how your skills and experience align with their goals and objectives.
  • Consider obtaining certifications, such as CISSP or CISM, to demonstrate your expertise in security and compliance.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.