Head of Technology & Security Operations

About The Position

Requirements

• Bachelor’s degree in Information Technology, Computer Science, or related field
• 10+ years of progressive experience in IT operations, security, or related disciplines
• 5+ years in a senior leadership or management role
• Experience operating in highly regulated or public company environments (SOX controls required)
• Proven experience owning or supporting security audits and compliance initiatives
• Experience with cloud platforms (AWS and/or Azure), ITSM tools, and modern infrastructure practices
• Experience creating, implementing, and testing disaster recovery and incident response plans
• Strong organizational, communication, and stakeholder management skills
• Executive presence with the ability to balance risk management with business velocity

Nice To Haves

• Experience in healthcare, fintech, or SaaS environments
• Familiarity with HITRUST-aligned controls and PCI requirements
• Experience working with enterprise security customers or partners
• Experience leading hybrid or remote IT teams

Responsibilities

• Provide strategic and operational leadership for IT operations, including infrastructure, cloud services, DevOps support, network management, system administration, and end-user support
• Ensure reliable, high-availability delivery of internal technology services aligned to business needs and SLAs
• Own IT service management practices, including incident, change, problem, and asset management (ITIL-aligned)
• Lead business continuity and disaster recovery planning, testing, and readiness
• Establish and manage the IT operations budget, driving cost optimization and operational efficiency
• Track and report on KPIs, SLAs, and operational risk metrics to executive leadership
• Drive automation and modernization initiatives to improve reliability and reduce manual effort
• Own day-to-day operational security management for company systems outside of product engineering
• Triage, track, and manage incoming security issues across platforms and stakeholders
• Serve as the operational lead for security incidents, including intake, assessment, escalation, documentation, and communication
• Partner with Engineering and IT to prioritize remediation efforts and manage risk-based tradeoffs
• Configure and maintain security monitoring, scanning, and access management tools
• Oversee SaaS vendor access, SSO integrations, and internal system permissions
• Partner with HR and IT on onboarding and offboarding access controls
• Ensure compliance with internal controls and regulatory frameworks (e.g., SOX, HITRUST, PCI, NYDFS)
• Own audit readiness and execution, including client audits, security questionnaires, RFP responses, and enterprise security reviews
• Coordinate internal access reviews, permissions validation, and audit evidence collection
• Partner with external enterprise security stakeholders and auditors
• Support and document compliance programs across IT, security, and operations
• Facilitate new hire and ongoing security awareness training
• Lead, mentor, and develop high-performing IT and operations teams
• Foster a culture of accountability, documentation, and continuous improvement
• Act as a trusted partner to senior leaders, translating technical risk into business impact
• Communicate effectively with both technical and non-technical stakeholders

Benefits

• flexible work environment
• hybrid company
• remote work across a number of U.S. states
• work environment free of discrimination and harassment
• equal employment opportunity