Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead and enhance Stedi's security programme, ensuring robust protection across all operations.
- Company: Join Stedi, the innovative healthcare clearinghouse transforming the industry with modern technology.
- Benefits: Competitive salary, flexible work environment, and opportunities for professional growth.
- Other info: Collaborative culture with a focus on continuous improvement and innovation.
- Why this job: Make a real impact in healthcare security while working with cutting-edge technology.
- Qualifications: Proven experience in security programmes, especially in cloud-native environments.
The predicted salary is between 80000 - 100000 ÂŁ per year.
We're building a new healthcare clearinghouse. Stedi is building the first new healthcare clearinghouse in decades. In the healthcare sector, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires that all insurance payers exchange transactions such as claims, eligibility checks, prior authorizations, and remittances using a standardized EDI format called X12 HIPAA. Clearinghouses process the majority of these transactions, offering consolidated connectivity to carriers and providers. Until Stedi, the space was occupied entirely by a small group of legacy players, built on outdated, often pre‑internet technology.
Stedi is the world's only programmable healthcare clearinghouse. By offering modern API interfaces alongside traditional real‑time and batch EDI processes, we enable both healthcare technology businesses and established players to exchange mission‑critical transactions. Our clearinghouse product and customer‑first approach have set us apart.
What we’re looking for: We are hiring a Head of Security to take full ownership of security at Stedi, reporting directly to the CEO and working at the intersection of engineering, legal, product, and more. At Stedi, security is job zero. There is nothing more important than securing our systems. This role exists to operationalize that principle across every function of the company.
You won’t be building from scratch. We already have SOC 2 Type 2 and HIPAA certifications and will soon have HITRUST R2 certification. We view these compliance items as a baseline starting point and not the final destination. We have invested heavily in security from the earliest days. We have extensive controls across our engineering and IT infrastructure (from SCPs to DLP and everything in between), and 100% of our customer data is processed within AWS without exception. We work extensively with AWS’s native tools as well as with AWS teams, including on an IAM access vulnerability that we discovered.
You will own our security function end‑to‑end: incident readiness, regulatory obligations, customer trust, and the day‑to‑day fundamentals that enable everything else. You will be the bridge between engineering and legal, working closely with leadership from both teams and the CEO. You’ll inherit a strong foundation to scale in our next phase of growth – building out the team, programs, and processes that let a lean company move fast while maintaining a world‑class security posture.
What you’ll do:
- Own and build Stedi’s security program end‑to‑end, including policies, controls, procedures, security tooling, training, vulnerability management, vendor risk, and more.
- Be a strong hands‑on contributor from day 1 while also building a roadmap for scaling the security function as the company continues to grow.
- Advise on security risk tied to product decisions, architecture, and partnerships.
- Leverage our best‑in‑category security posture to unlock new customers and strategic relationships.
- Partner with Engineering to maintain security excellence while minimizing development friction.
- Lead breach preparedness and incident response: build, test, and own the Security Incident Response Plan, Disaster Recovery, and Business Continuity programs.
- Represent Stedi in conversations with customer and partner security leadership teams, and provide clear, regular reporting on security posture and risk to the executive team and board.
- Partner with Legal on regulatory obligations, breach notification requirements, and the legal dimensions of security incidents.
- Build mechanisms for continuous security improvement, and establish practical, role‑appropriate security training across the company.
Who you are:
- Significant experience owning security programs in cloud‑native environments.
- Deep technical ability in the security domain and enough working knowledge to have high‑bandwidth discussions with application engineers.
- Strong legal and regulatory instincts – you have the ability to understand legal issues and can speak credibly with regulators; healthcare or HIPAA experience is a strong plus.
- Opinionated but pragmatic, with strong judgment about where rigor matters most and a bias toward solutions over problems.
- Exceptional communicator: you can explain security risk clearly to engineers, executives, customers, and regulators, in writing and in person.
- You’re excited to use automation and modern tooling to eliminate toil and raise the bar, not to build bureaucracy.
Head of Security in London employer: Stedi
Contact Detail:
Stedi Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Head of Security in London
✨Tip Number 1
Network like a pro! Reach out to folks in the healthcare and security sectors on LinkedIn. Join relevant groups, attend webinars, and don’t be shy about asking for informational interviews. You never know who might have the inside scoop on job openings!
✨Tip Number 2
Show off your skills! Prepare a portfolio or case studies that highlight your past security projects and achievements. When you get the chance to chat with potential employers, use these examples to demonstrate how you can add value to their team.
✨Tip Number 3
Be proactive! If you see a company you’re keen on, don’t wait for them to post a job. Reach out directly to express your interest and share how your experience aligns with their needs. A little initiative can go a long way!
✨Tip Number 4
Apply through our website! We love seeing applications come directly from candidates who are genuinely interested in Stedi. It shows us you’re serious about joining our mission to revolutionise healthcare security.
We think you need these skills to ace Head of Security in London
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter for the Head of Security role. Highlight your experience with security programs, especially in cloud-native environments, and show how your skills align with our mission at Stedi.
Showcase Your Communication Skills: As a key communicator between teams, it’s vital to demonstrate your ability to explain complex security concepts clearly. Use examples in your application that showcase your exceptional communication skills, both written and verbal.
Highlight Relevant Experience: Don’t forget to mention any experience you have with HIPAA or healthcare regulations. This will show us that you understand the unique challenges we face in the healthcare sector and can navigate them effectively.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands and shows us you’re serious about joining the Stedi team!
How to prepare for a job interview at Stedi
✨Know Your Security Fundamentals
Make sure you brush up on your knowledge of security principles, especially in cloud-native environments. Be ready to discuss how you would approach incident readiness and vulnerability management, as these are crucial for the Head of Security role.
✨Understand HIPAA and Regulatory Requirements
Since Stedi operates in the healthcare sector, having a solid grasp of HIPAA regulations and other compliance standards is essential. Prepare to explain how you would ensure that the company meets these obligations while maintaining a strong security posture.
✨Showcase Your Communication Skills
As a Head of Security, you'll need to communicate complex security risks to various stakeholders. Practice explaining technical concepts in simple terms, so you can effectively engage with engineers, executives, and customers during the interview.
✨Demonstrate Your Hands-On Experience
Be prepared to share specific examples from your past roles where you took a hands-on approach to security challenges. Highlight your ability to balance being a contributor while also leading a team, as this is a key aspect of the role at Stedi.