The Security Analyst will be responsible for supporting many aspects of DayTwo’s Information Security and Compliance program. This position will own critical processes such as vendor security audits, user access reviews, managing the Security Awareness Training Platform, documenting security incidents, and working with the product teams to ensure security and compliance is maintained at all aspects throughout the process and development life cycle.

DayTwo is the first company to safely and sustainably balance blood sugar, lower A1C, and reduce weight using food as medicine and leveraging the profile of a patient’s gut-microbiome, without the use of medications or surgery. Our data science and digital tools combined with our clinical expertise are shifting the diabetes treatment paradigm from management to remission.

Position Responsibilities:

• Assist in creation and implementation of data security and HIPAA security auditing, monitoring, and reporting policies and procedures, including the establishment of corporate user security access profiles.
• Creation and implementation of disaster recovery and business continuity policies.
• Implements and maintains systems utilized in the auditing, monitoring, and reporting of data and HIPAA security and confidentiality usage and breaches.
• Provide recommendations on security advancements to best protect the company’s systems.
• Collaborates with leadership to solve problems and improve business operations through process re-engineering, to meet or exceed data security and HIPAA security regulatory requirements.
• Maintains and enhances internal processes and tools used to respond to external requests related to information security using GRC tools, spreadsheets, etc.
• Other duties as assigned

Position Requirements:

• 3 years of applicable experience preferred
• Assist in supporting DayTwo’s current and future compliance related responsibilities (HIPAA, SOC2, HITRUST, FedRAMP, etc.)
• CISSP or other cyber-security certification preferred
• Certified in Risk and Information Systems Control (CRISC)
• Certified Information Systems Auditor (CISA)
• Effective liaison between regulatory agencies, business and leadership units and staff
• Experienced in policy and procedure development and enforcement.
• Strong business analysis, research and analytical skills
• Excellent communication skills

What We Offer:

• Evidence-based, Science-first, mission-driven culture focusing on improving the lives of people impacted by type 2 and prediabetes
• Hybrid (WFH/In Office) Schedule
• Competitive compensation
• Stock Options!!!!
• Comprehensive Benefits Including 80% Company Paid Health, Dental, Vision Premiums
• Company Perks
• Flexible PTO Policy

DayTwo is the leader in telehealth-based precision nutrition that enables a path to remission for

metabolic disease. Our customers include some of the largest employers and payors in the US.

DayTwo is committed to a diverse and inclusive workplace. We aim for every person at DayTwo

to feel like they matter, belong, and can be their authentic selves so they can do their best work.

We do not discriminate on the basis of race, religion, color, national origin, gender, sexual

orientation, age, marital status, veteran status, or disability status.

DayTwo is committed to working with and providing reasonable accommodations to applicants

with physical and mental disabilities. If you need assistance and/or a reasonable

accommodation in the application or recruiting process due to a disability, please contact us.

Please see the United States Department of Labor's EEO poster and EEO poster supplement

for additional information.