Director of Security & IT

View full description

Requirements:

• 6+ years of experience in security operations, including hands-on technical experience.
• 3+ years of strategic security leadership in a healthcare setting, preferably in a fast-growing environment.
• 5+ years managing primarily SaaS based IT infrastructure and end user support in a hybrid or fully remote environment.
• HCISPP/CISSP certification (or equivalent experience).
• Proven ability to assess, manage and communicate security risks.
• Experience managing end-to-end security for company-issued devices.
• Deep knowledge of application security and cloud security architecture, especially AWS.
• Strong communication skills for technical and non-technical stakeholders.
• Effective leadership and collaboration skills with cross-functional teams.
• A proven track record of cultivating a security-conscious culture.

Responsibilities:

• Build and maintain a scalable and cost-effective IT infrastructure.
• Lead Oshi’s security operations and implement a robust vulnerability management program.
• Identify and prioritize security and privacy risks specific to healthcare.
• Develop and communicate a risk management program.
• Ensure compliance with healthcare regulations such as HIPAA, SOC2 Type II, and HITRUST.
• Manage vendor relationships and oversee security assessments.
• Track metrics to measure effectiveness of security and IT programs.
• Align with CTO and senior leadership on security strategies.
• Collaborate with engineering and product teams on security practices.
• Lead and mentor a high-performing security and IT team.