Security Program Manager

New York officeFullTimePosted Jul 14, 2026
Apply

About us

Forus is building an AI-powered network that connects doctors, pharmacies, payers, and biopharma to accelerate new science to patients.

Our platform automates the complexity between a doctor prescribing a medicine and a patient starting treatment, including insurance coverage, financial assistance, and supply chain navigation. We provide this support free to doctors and patients, helping them get life-changing medicine faster, cheaper, and easier. The resulting network enables biopharma companies to design better research, launch new drugs more effectively, and invest in harder-to-treat conditions.

Forus has exceptional product-market fit and is growing rapidly through organic adoption:

  • Accelerating scale: We already support patients across more than 80% of ZIP codes and partner with 5 of the 10 largest biopharma companies in the world.

  • AI-native, durable model: Our business becomes stronger as AI improves, as every new doctor, patient, and partner makes the network more valuable.

  • Backing to build for the long term: We raised $160M+ from leading investors to build an exceptional team and unlock the full scale of the opportunity.

Our number one priority is scaling to market demand. We are looking for individuals who are high horsepower, high throughput, and hyper resourceful to help us increase capacity and grow. We move fast and need to move faster.

If we succeed, science will be the only limit to medicine.

All full-time roles are in person in New York.

About the role

As a Security Program Manager at Forus, you will own the programs that let customers trust us with their most sensitive data. We operate on protected health information to automate healthcare, and our providers, payers, and life sciences partners hold us to a high bar.

You will own our compliance programs end to end - SOC 2, HIPAA, and HITRUST - and build the customer trust function that ensures security remains a core competency at Forus. You will run vendor and third-party risk assessments, stand up compliance automation, and partner closely with our engineering team to implement the technical controls you map to each framework.

This is a demanding role, with a high level of autonomy and responsibility. You will be expected to "act like an owner" and commit yourself to Forus' success. If you are low-ego, hungry to learn, and excited about intense, impactful work that drives both company growth and accelerated career progression, we want to hear from you.

If you join, you will:

  • Own our compliance programs end to end (SOC 2 Type II, HIPAA, and HITRUST) from readiness through audit and continuous monitoring.

  • Build and run the customer trust function (security questionnaires, RFPs, due diligence, and our trust center) so security accelerates deals rather than blocking them.

  • Stand up and administer compliance automation, turning evidence collection and control monitoring into a continuous, low-toil system.

  • Author security policies, run security-awareness training, and drive access reviews and audit readiness across the company.

  • Partner with engineering and legal to translate framework and customer requirements into concrete controls, and coordinate external auditors and penetration-testing firms.

  • Own the risk register and give leadership clear, honest visibility into our security and compliance posture.

We'll be most excited if you have:

  • Typically 4–7 years in GRC, security compliance, or security program management, with a track record of running audits end to end.

  • Hands-on experience with SOC 2 and HIPAA; HITRUST experience is a strong plus, as is a track record of standing up a new framework from scratch.

  • Experience in a regulated, high-growth environment — ideally healthcare or another domain with serious data-handling obligations.

  • Fluency with compliance automation tooling and enough technical literacy to work credibly with engineers on cloud, identity, and logging controls.

  • Experience owning customer-facing security with enterprise buyers: questionnaires, trust centers, and due diligence.

  • Strong written and verbal communication that allows you to be an effective participant in both internal debates and external relationships.

  • A track record of moving quickly, finding shortcuts, and going to unreasonable lengths to deliver on goals.

  • High NPS with your former teammates.

This is a list of ideal qualifications for this position. If you don't meet every single one of them, you should still consider applying! We’re excited to work with people from underrepresented backgrounds, and we encourage people from all backgrounds to apply.

Working with us

Forus is based in New York, with our full team working out of a beautiful and spacious office in SoHo. 

We run as a high-trust environment with high autonomy, which requires that everyone is fully competent and operates in line with our principles:

  • Do the math. Be rigorous, assume nothing. Break problems down and reason from the ground up.

  • Expand the solution space. Be resourceful and audacious. Resist false constraints and push beyond the obvious before committing.

  • Spit it out. Speak directly, invite critique, avoid equivocation. We want right answers, not comfortable ones.

  • Raise the bar together. Hold a high standard for execution, push each other directly, and win as a team.

We provide competitive compensation with meaningful equity (for full-time employees). Everyone who joins will be a major contributor to our success, and we reflect this through ownership and pay.

We also provide rich benefits to ensure you can focus on creating impact (for full-time employees):

  • Fully covered medical, vision, and dental insurance.

  • Memberships for One Medical, Talkspace, Teladoc, and Kindbody.

  • Unlimited paid time off (PTO) and 16 weeks of parental leave.

  • 401K plan setup, FSA option, commuter benefits, and DashPass.

  • Lunch at the office every day and Dinner at the office after 7 pm.


Our salary ranges are based on paying competitively for our company’s size and industry, and are one part of the total compensation package that also includes equity, benefits, and other opportunities at Forus (for full-time employees). Individual pay decisions are ultimately based on a number of factors, including qualifications for the role, experience level, skillset, geography, and balancing internal equity.

Forus is an equal opportunity employer and does not discriminate on the basis of race, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition, or any other basis protected by law.

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free