VP, Information Security
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
VP of Information Security at Brightside Health guiding security and IT functions in a high-growth telehealth environment. Fostering collaboration across teams while ensuring compliance and security standards.
Responsibilities:
- Lead and develop a high-performing, lean InfoSec and IT team
- Act as a trusted advisor to executive leadership on security, risk, and compliance strategy
- Enable business growth by embedding security as a business enabler, not a blocker
- Translate complex technical risks into clear business impact and decisions
- Maintain and mature HITRUST certification (MyCSF) and SOC 2 Type II attestation
- Own and evolve the organization’s risk management program
- Lead security incident response and continuous improvement of response capabilities
- Oversee vulnerability management, threat detection, and remediation efforts
- Drive vendor risk management and third-party security oversight
- Ensure compliance with HIPAA and other applicable regulatory requirements
- Oversee application, infrastructure, and data security across a cloud-first environment
- Manage and optimize SIEM and security monitoring capabilities
- Guide secure architecture decisions in partnership with engineering and product teams
- Support secure scaling of systems during rapid organizational growth
- Oversee IT operations to ensure reliable, secure, and high-quality support for employees and clinicians
- Deliver a seamless IT experience for a fully remote workforce and distributed clinician network
- Establish metrics and reporting on security posture, compliance health, and IT performance
- Partner with Legal, Compliance, Engineering, Product, and Clinical teams to ensure alignment
- Drive a culture of shared responsibility for security and privacy
- Support innovation initiatives while maintaining appropriate risk controls
Requirements:
- Experience leading Information Security in a HIPAA-compliant, high-growth tech environment (100+ employees)
- Proven success guiding organizations through HITRUST (MyCSF) certification and SOC 2 Type II attestation
- Experience scaling a company through significant growth (e.g., 50 → 250+ employees)
- Background in telehealth, digital healthcare required
- Experience managing and mentoring small, high-impact teams
- Comfortable operating as a player-coach—balancing strategy with hands-on execution
- Ability to influence without authority and drive alignment across diverse stakeholders
- Strong hands-on experience with:
- Cloud environments
- SIEM and security monitoring tools
- Vulnerability management programs
- Incident response leadership
- Vendor risk management
- Deep understanding of security architecture, infrastructure, and application security
- CISSP preferred
- CRISC or strong risk management background is a plus
Benefits:
- A competitive salary
- Stock options so you have equity
- Fully paid for comprehensive health care (medical, dental, vision)
- Pet Insurance
- Life Insurance & Short / Long Term Disability
- 401k Plan
- Unlimited PTO and sick leave
- Parental Leave
- Work remotely and whatever schedule works best for you
- Additional memberships and perks
Similar Jobs
Lead Cyber Security Subject Matter Expert – DLA VM Support
Cyber Security Subject Matter Expert - Lead for Defense Logistics Agency. Providing expert support and analysis for cybersecurity assessments in a fully remote capacity.
Operation Technology Security Engineer – DLA VM Support
Operation Technology Security Engineer providing DLA VM Support at Horizon Industries. Focused on Cybersecurity for operational technology systems relevant to DOD standards.
Enablement Solutions Program Manager, Security
Solutions Enablement Program Manager at HPE driving success and adoption of Networking's Security portfolio. Collaborating with marketing and product teams to enable sales through effective training and resources.
Cybersecurity Engineer – Data Loss Prevention, Messaging Security
Cybersecurity Engineer leading the secure deployment of data loss prevention strategies in remote role. Focus on data loss and messaging security across Microsoft 365 and Check Point gateways.
Project Manager, Cybersecurity
Project Manager leading technology implementation and hardening projects for Athena7 at Fenix24. Coordinating teams and managing client expectations to deliver projects on time and budget.
Homologation Lead – Passive Safety
Leader in homologation overseeing complex passive safety projects at UTAC. Engaging with clients and regulatory bodies while ensuring adherence to safety standards.
IT, Cyber Security Auditor
Cybersecurity Auditor securing applications for financial messaging industry. Leading global audit assignments and assessing technology controls effectiveness.
Senior AI Security Engineer
Senior AI Security Engineer at Mirantis focusing on security for AI products and infrastructure. Collaborating with teams to implement secure practices and manage risk in AI capabilities.
Senior Director Analyst, Cybersecurity, Governance, Risk & Compliance
Senior Director Analyst creating actionable cybersecurity insights at Gartner. Leading thought leadership and client engagement across Europe with a focus on Cyber GRC and information security.
Principal Security Engineer, SaaS Security Posture Management
Principal Security Engineer working on SaaS Security Posture Management program for Salesforce. Lead security assessments and secure configuration strategies for third-party suppliers.
Senior Analyst – Workday Security, HCM
Sr HR Analyst overseeing Workday Security and Core HCM design in complex global environment. Collaborating with HR and IT stakeholders for optimal system performance.
Senior Director, Health, Safety, Security & Environment
Senior Director responsible for implementing HSSE strategies across JLL-Technical Services. Leading compliance and risk management for Data Centers and Critical Environments.
Junior Network & Security Engineer – 24/7
Technical support engineer providing email and telephone assistance to global customers with fault-finding. Collaborating with teams to manage incidents and coordinate hardware replacements.
Network Security Engineer I
Network Security Engineer I responsible for providing architectural expertise for secure networks at Logically. Working with cybersecurity professionals to empower businesses with secure technology solutions.
Staff Product Security Engineer
Staff Product Security Engineer at DigitalOcean assessing security risk of products and features. Collaborating with teams to ensure secure architecture and reduce vulnerabilities while encouraging engineering best practices.
Senior Hardware Security Engineer
Senior Hardware Security Engineer at Lime focusing on developing security solutions for hardware and firmware products. Contributing to collaboration across teams while ensuring hardware security standards are met.
Senior Hardware Security Engineer
Senior Hardware Security Engineer for Lime focused on safeguarding hardware and firmware security. Collaborating within a remote product security team on cutting-edge security solutions and methodologies.
Senior Hardware Security Engineer
Senior Hardware Security Engineer at Lime focusing on hardware security architecture and assessments. Collaborate with teams on product security across embedded systems and firmware.
Security Engineer
Security Engineer safeguarding the innovative GPU cloud platform at Runpod. Ensuring security and isolation of customer workloads in a remote-first company.
Technical Lead – Application Security
Technical Lead in Application Security at CENSUS, managing security engineers while delivering top-tier cybersecurity services. Involved in technical leadership and addressing application security challenges.