Vice President, Information Security

LifeMD (Healthcare)
Remote
Workable locations: Huntington Beach, California, United States
Full-Time
VP
Salary not disclosed

Job Details

Experience
12+ years of progressive leadership in information security, cybersecurity, and risk management
Required Skills
Cybersecurity, Risk Management, HIPAA

Requirements

  • 12+ years of progressive leadership in information security, cybersecurity, and risk management, preferably within healthcare, life sciences, or other highly regulated industries.
  • Experience operating in a publicly traded or highly regulated environment with strong governance and compliance requirements.
  • Proven track record of leading enterprise security programs in complex environments involving clinical systems, digital platforms, and sensitive patient data.
  • Deep knowledge of healthcare regulatory frameworks, including HIPAA, HITECH, HITRUST, and experience managing PHI/PII at scale.
  • Strong understanding of ITGC, SOX compliance, and audit processes.
  • Experience securing healthcare technologies, including EHR/EMR systems, patient engagement platforms, telehealth systems, and medical device integrations.
  • Hands-on leadership in cloud security, infrastructure modernization, and enterprise security architecture.
  • Expertise in identity and access management (IAM), zero trust frameworks, and modern security operations.
  • Experience implementing and managing GRC platforms and frameworks such as NIST, ISO 27001, and HITRUST.
  • Demonstrated success in incident response, cyber resilience, and enterprise risk mitigation.
  • Strong executive presence with experience engaging Boards and Audit/Compliance Committees.
  • Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.
  • Relevant certifications such as CISSP, CISM, CISA, CRISC, or HCISPP preferred.

Responsibilities

  • Lead all aspects of enterprise information security, including threat detection, incident response, vulnerability management, and continuous monitoring.
  • Establish and mature a comprehensive Governance, Risk, and Compliance (GRC) framework aligned to healthcare industry standards (e.g., NIST, HITRUST, ISO 27001).
  • Continuously assess enterprise risk posture, prioritizing cybersecurity risks in alignment with clinical, operational, and financial risk frameworks.
  • Design and implement strategies to protect sensitive patient data, including Protected Health Information (PHI), Personally Identifiable Information (PII), and clinical data.
  • Ensure compliance with healthcare data security and privacy regulations, including HIPAA and HITECH, as well as state-specific privacy laws.
  • Own and manage IT risk, compliance, and IT General Controls (ITGC) programs in support of SOX and healthcare regulatory requirements.
  • Maintain compliance with standards such as HIPAA, HITRUST, SOC 2, PCI-DSS (as applicable), and other healthcare-specific regulatory frameworks.
  • Lead security architecture across enterprise infrastructure, including cloud, hybrid, and on-premise environments supporting clinical and digital health platforms.
  • Lead enterprise incident response strategy, including preparedness, detection, containment, and recovery from cyber incidents.
  • Build, lead, and scale a high-performing information security organization, including security operations, risk, and IT compliance functions.