Director, IT & Security

TonalAustin, TX
$178,000 - $220,000

About The Position

Tonal is seeking a Director of IT & Security to oversee the IT and security functions end-to-end. This role requires a start-up mentality, comfortable with fast-paced, lean environments while maintaining strong security and compliance discipline, especially given the company's expansion into healthcare and clinical applications. The Director will have high-level privileges across sensitive systems and direct accountability for IT and security outcomes company-wide, reporting to the VP of Business Technology.

Requirements

  • 10+ years in IT and security leadership, with full functional ownership and experience across identity and access management, endpoint security, SaaS administration, network infrastructure, and security program management.
  • Hands-on HIPAA compliance implementation experience, beyond writing policies.
  • Track record of building a security program from the ground up: policy, penetration testing, and real incident response.
  • Broad expertise across identity and access management, endpoint security, SaaS administration, and network infrastructure.
  • Equally comfortable configuring technical systems and presenting security risk to executive leadership.
  • A start-up mindset: thrives in fast-moving, resource-constrained environments without cutting corners on security.
  • Proven ability to prioritize with a lean team and limited budget, with outcomes to show for it.
  • Experience managing a large SaaS portfolio, including contract renewals, vendor negotiation, and license governance.
  • Strong people leadership skills, setting clear expectations and developing team members.
  • High standards of trust, integrity, and discretion, given access to the company's most sensitive systems.

Nice To Haves

  • HIPAA compliance roll-out and execution, owning the technical controls end-to-end.
  • Experience with SOC 2 Type II, NIST CSF, or HITRUST in a hands-on implementation capacity.
  • Background in healthcare technology, digital health, or clinical-grade software environments.

Responsibilities

  • Own end-to-end IT operations, including device lifecycle, onboarding/offboarding, SaaS administration, identity and access management, help desk, and office infrastructure across all locations.
  • Lead the technical controls side of Tonal's HIPAA compliance program, implementing safeguards required by the HIPAA Security Rule and HITECH Act (encryption, SIEM, MDM/EDR, role-based access).
  • Own and execute Tonal's security program: penetration testing remediation, security policy, tabletop exercises, vendor security reviews, and incident response.
  • Govern Tonal's AI tool ecosystem, including licensing, spend, API key governance, corporate AI policy, and DLP and prompt injection protections. Drive AI training and best practices across the organization.
  • Administer Tonal's SaaS portfolio, owning contract renewals, license optimization, and vendor negotiations across critical platforms.
  • Drive automation and identity governance maturity, including Okta Identity Governance, expanding SCIM-based provisioning, building & enforcing RBAC frameworks, and driving workflow automation and system integration.
  • Lead and grow the IT & Security team, managing engineers and administrators, overseeing the virtual CISO engagement, owning the budget and aligning org structure to Tonal’s needs.
  • Own IT documentation and process improvement, maintaining runbooks and closing gaps in onboarding, offboarding, and incident response, and driving overall automation.
  • Manage global physical infrastructure — networking, Wi-Fi, AV, and physical access — across a distributed, multi-office footprint.
  • Serve as a trusted operator on Tonal's most sensitive matters, from executive access provisioning to security incidents and legal holds.
  • Report regularly to senior leadership and the C-suite, translating IT & Security roadmap priorities, progress, technical risk and incident management into clear, actionable narratives.

Benefits

  • The job description does not explicitly list benefits.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service