Our client is in search of a Head of Data Security to join their growing team. The leader will own the information security and privacy program as well as be a vital resource to the leadership team, designing and executing cross-functional security initiatives throughout the organization. Experiencing working cross-functionally with engineering teams is a must; exposure to rolling out new product lines in the areas of healthtech and enterprise software is highly preferred. Additionally, this role will be responsible for evolving the compliance position and aligning efforts with industry-recognized frameworks and regulations. Extensive experience in Information Security is required, particularly in a software-as-a-service environment. The ideal candidate will come from working in a healthtech or enterprise security SaaS environment, along with proficiency in common security and privacy frameworks (e.g., SOC 2, HIPAA, HiTrust, CCPA). Candidates with a CISSP or similar certification are highly desired! This role will require 3 days a week in the NYC office.
- Own the vision and direction of the company’s information security and privacy program
- Strategically evolve the company’s governance, risk, and compliance practices
- Identify and seize opportunities to reinforce the overall security posture of the company’s products
- Monitor the security of the company’s security infrastructure through reporting tools and ensuring alignment with key access controls
- Lead and facilitate effective cross-functional collaboration on key security initiatives throughout the organization
- Execute audit and certification programs such as SOC2 and HiTrust
- Support the sales team as a subject matter expert on matters related to Cybersecurity
- Hire talented security engineers or contract staff and facilitate the professional growth of the team, as the company scales
- Several years of Information Security experience, with at least some years in a leadership position
- Proficiency with common security and privacy frameworks (e.g. SOC 2, HIPAA, HiTrust, CCPA)
- Proven ability to develop and oversee an organization-wide security and privacy program
- Experience managing a team of security engineers in a fast-paced environment
- Excellent communication skills
- Strong knowledge of security engineering principles, networking concepts, identity, access control, applied cryptography, and secure DevOps architecture
- Experience with AWS cloud security tool suite, and secure cloud architecture
- CISSP or similar certification is a plus!
Expected salary for this role is 150,000 - $210,,000, commensurate with experience, training, skills, qualifications, and other market factors.