Vice President of Engineering, Chief Information Security Officer (CISO)

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Technology, or a related field; Master's degree preferred.
• 15+ years of experience leading teams with at least 5 years in a Director and above role leading cyber security teams in a product development environment.
• Strong security architecture background with experience building and driving a cyber security strategy and framework.
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, NIST, HITRUST and HIPAA compliance requirements.
• Experience with leading control assessments such as SOC 1/SOC 2.
• Deep healthcare expertise and Security certifications such as CISSP are required.
• 5+ years of experience building cloud infrastructure in AWS and automating infrastructure through infrastructure as code practices.
• Strong understanding of cloud technologies, cybersecurity, and IT best practices.
• Experience with GCP will be nice to have.
• Excellent leadership, communication, and interpersonal skills.
• Ability to think strategically and align IT initiatives with business goals.
• Strong problem-solving and decision-making skills.
• Experience in budget management and resource allocation.

Nice To Haves

• Experience with GCP will be nice to have.

Responsibilities

• Develop and implement a comprehensive security and IT/cloud infrastructure strategy that supports the company's overall business objectives.
• Lead, mentor, and manage a high-performing team of security SRE, and IT professionals.
• Foster a culture of innovation, continuous improvement, and collaboration within the department.
• Work with senior leadership to align security and IT initiatives with business goals.
• Establish and maintain an enterprise-wide information security management program with clear information security policies and procedures.
• In partnership with Chief Privacy and Compliance officer, update and guide senior leadership and the Board of Directors on current cyber threats, issues, and risks, and provide regular status updates on progress and status of initiatives and operations.
• Oversee the information security organization with an emphasis on the effectiveness of security controls.
• Manage security incidents and events to include containment, communication and coordination across all relevant business functions.
• Establish and maintain disaster recovery and business continuity plans.
• Oversee the development and implementation of DevSecOps practices to improve software delivery and operational efficiency.
• Promote a culture of automation, continuous integration, and continuous deployment (CI/CD).
• Ensure high reliability and uptime for the cloud applications.
• Oversee the management and maintenance of IT infrastructure, including networks, servers, databases, and cloud environments.
• Ensure the security, scalability, and reliability of IT systems.
• Implement and maintain disaster recovery and business continuity plans.
• Develop and manage the departmental budget, ensuring cost-effective use of resources.
• Allocate resources to various projects and initiatives based on strategic priorities.
• Collaborate with other departments to understand their IT needs and provide solutions that support their goals.
• Communicate IT strategy, progress, and performance to executive leadership and stakeholders.

Benefits

• Health insurance
• 401k
• Paid time off
• Stock options