Chief Information Security Officer

Nsight Health

1d•$180,000 - $220,000•Remote

About The Position

Nsight Health is transforming how care is delivered through Remote Patient Monitoring (RPM), Chronic Care Management (CCM), and Behavioral Health Integration (BHI). We empower healthcare providers to manage chronic conditions using real-time data, AI-enabled technology, and 24/7 clinical support. Our HIPAA-compliant platform connects patients and care teams nationwide—improving outcomes, adherence, and peace of mind. Join a fast-growing, mission-driven team that blends healthcare and technology to make a measurable difference in people’s lives. Nsight Health — Where Technology Meets Compassion. We are seeking a visionary yet pragmatic Chief Information Security Officer (CISO) to build and own Nsight Health’s security and compliance function from the ground up. As we scale our AI-powered healthcare platform, we require a leader who views security not as a blocker, but as a competitive differentiator and a prerequisite for enterprise growth. Reporting directly to the COO, you will inherit an existing compliance team and a mandate to elevate our security posture. This is a "builder-operator" role: you will establish frameworks (CIS, SOC 2), mature existing HIPAA processes, and serve as a credible, forward-leaning partner to our AI-focused product and engineering teams. AI Fluency Requirement — Non-Negotiable Nsight Health is an AI-first organization. Every member of our leadership and operations team is expected to actively use AI tools in their day-to-day work — not as a novelty, but as a core productivity multiplier. This role requires genuine curiosity about AI, comfort experimenting with tools like Claude, ChatGPT, and workflow automation platforms, and the judgment to know when AI helps and when it doesn't. If AI makes you uncomfortable, this is not the right role.

Requirements

8+ years of information security experience, with at least 3 years in a leadership role owning a security or compliance program.
Deep HIPAA/HITECH Expertise: Practical knowledge of operationalizing compliance in a SaaS healthcare environment.
SOC 2 Mastery: Hands-on experience achieving or maintaining SOC 2 Type II certification.
AI Fluency: Genuine enthusiasm for and professional experience using AI tools (ChatGPT, Claude, etc.) as a core productivity multiplier and a deep understanding of their security implications.
Incident Leadership: Demonstrated experience managing real-world security incidents and data breaches.

Nice To Haves

Certifications: CISSP, CISM, HCISPP, or equivalent.
Industry Background: Experience in healthcare SaaS, digital health, or value-based care technology.
Builder Mindset: Prior experience building a security function from scratch at a growth-stage or PE-backed company.
Technical Breadth: Familiarity with cloud security (AWS/GCP/Azure) and AI governance frameworks.

Responsibilities

Security Program Ownership: Build and continuously improve Nsight’s security policies and standards; establish a risk-based framework grounded in CIS Controls and maintain our security architecture across cloud and SaaS platforms.
Regulatory & Compliance Leadership: Own the end-to-end HIPAA/HITECH program; lead SOC 2 Type II certification efforts, embedding controls into daily workflows so compliance is continuous rather than an annual event.
AI Security & Innovation: Actively assess the security implications of our AI-forward stack (LLMs, agentic workflows, and automation); develop guardrails that balance rapid innovation with responsible risk management.
Vendor & Incident Management: Design and lead a robust vendor risk management program and own the enterprise incident response plan, including tabletop exercises and real-time incident management.
Team Leadership: Directly lead and mature the existing compliance function; partner with the VP of IT on internal systems security and foster a security-first culture that enhances, rather than hinders, productivity.