Head of IT & Security
$175,000–$220,000 year
On-site · San Francisco, California, United States or Seattle, Washington, United States
Job Summary
Security Lead to own NexHealth's security governance, compliance, and IT programs end-to-end; serve as named Information Security Officer and Privacy Officer for SOC 2 and HIPAA; set security standards across application security and cloud security (AWS); build and develop the IT and workforce security program; manage vendor security and trust artifacts; lead incident response; own the risk register, privacy operations, and BC/DR; hire a Staff-level IT IC within year one.
Required Qualifications
- 8+ years of relevant security experience
- 3+ years in a security leadership role
- Built a security program from near-zero baseline
- Led external audits end-to-end (SOC 2, ISO, PCI, HITRUST)
- Software engineering background aligned with security
- Experience hiring and developing senior security/IT contributors
- Ability to map controls and provide evidence for auditors
- Strong communication to both Board and engineering audiences
- Experience with governance, compliance, and IT operations
- BAA execution and vendor security oversight
- Incident response leadership and tabletop exercises
- Privacy operations including DSARs and data subject rights
- BC/DR planning and cyber insurance relationships
This role has closed. Sorce can match you with similar open roles and apply on your behalf.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.