VP Information Security (CISO)

The Vice President of Information Security plays a critical leadership role in protecting an organization's digital infrastructure while aligning its cybersecurity strategy with broader business goals and industry standards. This executive-level position ensures that data, systems, and technologies are secure against evolving threats, and that compliance with regulatory and industry requirements is consistently maintained. The role also involves fostering a culture of security awareness that reflects core organizational values such as people, service, quality, and innovation.

Reporting directly to the Chief Technology Officer, the VP will lead the enterprise security function, overseeing internal teams and coordinating with external partners to implement a comprehensive security strategy. This includes managing risk assessments, incident response, policy compliance, and integration of security measures across all business units. Collaboration with legal, compliance, audit, risk, and operational stakeholders will be essential to embed security into all facets of the organization.

In addition to managing cyber incident response and recovery, this leader will evaluate and oversee the security posture of third-party vendors, ensuring that strict controls and risk mitigation practices are in place. The VP will provide guidance, mentorship, and direction to team members, encouraging innovation and continuous improvement. Keeping current with cybersecurity trends and best practices is essential to evolving the security framework in a fast-paced and innovative environment.

If you're driven to make a meaningful impact in shaping the future of information security within a mission-driven, fast-growing organization, this opportunity offers the chance to lead with purpose and deliver secure, scalable solutions that improve lives.

• Expertise in cybersecurity tools, with a focus on endpoint solutions, intrusion prevention systems, and data loss prevention technologies.

• Strong foundation in information security principles and practices across network, application, cloud, and endpoint security.

• Excellent verbal and written communication skills for engaging internal teams and external partners.

• Familiarity with security frameworks and regulatory requirements, including HIPAA, NIST, ISO 27002/27799, COBIT, ITIL, and industry best practices.

• Experience ensuring organizational compliance with healthcare-related standards.

• A broad, strategic view of information and cybersecurity, with a proven ability to design and execute long-term security roadmaps.

• Demonstrated success in implementing secure systems and processes for threat prevention, detection, and mitigation.

• Experience with firewalls, encryption, and other critical security infrastructure.

• Strong background in security architecture and framework development aligned with organizational objectives.

• Proven leadership in promoting a company-wide culture of security awareness and accountability.

• Skilled in developing security training programs and awareness campaigns for all stakeholders.

• Ability to manage relationships with vendors, developers, and external firms.

• Capable of leading multi-faceted security projects that span departments and technical domains.

• Customer Focus: Builds strong relationships and delivers solutions that meet stakeholder needs.

• Optimizes Work Processes: Improves efficiency and productivity through well-structured processes.

• Collaborates: Engages cross-functional teams to achieve shared goals.

• Resourcefulness: Utilizes resources strategically to achieve objectives.

• Manages Complexity: Analyzes and solves complex problems with clear, actionable strategies.

• Ensures Accountability: Sets clear expectations and holds teams to high performance standards.

• Situational Adaptability: Adjusts communication and leadership style to meet dynamic needs.

• Communicates Effectively: Delivers clear, audience-specific messages that resonate and drive action.

• Bachelor’s degree in technology or a related field; master’s degree and/or security certifications preferred.

• 10+ years of experience in Information Security and IT roles, preferably in healthcare or life sciences.

• Experience integrating innovative security technologies into enterprise environments, with strong emphasis on secure development lifecycles.

• Industry certifications such as CISSP (strongly preferred), CISM, and CISA.

• Proven experience in applying AI tools to enhance security operations, streamline processes, and improve decision-making.