VP, Security and Compliance

We are seeking a visionary and strategic Vice President of Security and Compliance to lead our enterprise-wide security, privacy, and compliance initiatives. This executive role is responsible for developing, implementing, and managing a comprehensive security and privacy program that spans AWS, Azure, Salesforce, Microsoft 365, and Electronic Health Record (EHR) systems. The ideal candidate will be a champion of zero-trust architecture, regulatory compliance, and risk management, with a proven track record of aligning security strategies with business goals in a complex, multi-cloud healthcare environment.

• Develop and execute the organization’s security and compliance strategy, ensuring alignment with business objectives and regulatory requirements.

• Lead the implementation of zero-trust security principles across all platforms and environments.

• Oversee security governance for cloud platforms (AWS, Azure), SaaS applications (Salesforce, Microsoft 365), and EHR systems.

• Establish and maintain enterprise-wide security policies, standards, and procedures.

• Collaborate with DevOps, IT, and engineering teams to embed security into the software development lifecycle (SDLC) and infrastructure.

• Ensure compliance with HIPAA, SOC 2, ISO 27001, and other relevant frameworks.

• Lead risk assessments, vulnerability management, and incident response efforts.

• Manage relationships with external auditors, regulators, and security vendors.

• Build and lead a high-performing security and compliance team.

• Provide regular reporting to executive leadership and the board on security posture, risks, and compliance status.

• Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field.

• 10+ years of progressive experience in information security, compliance, or risk management, with at least 5 years in a leadership role.

• Proven experience managing security across AWS, Azure, Salesforce, Microsoft 365, and EHR platforms.

• Deep understanding of zero-trust architecture, identity and access management (IAM), data protection, and cloud security frameworks.

• Strong knowledge of HIPAA, SOC 2, ISO 27001, NIST, and other regulatory standards.

• Excellent leadership, communication, and stakeholder management skills.

• Industry certifications such as CISSP, CISM, CCSP, or AWS/Azure Security Specialty.

• Experience in a healthcare or life sciences environment.

• Familiarity with DevSecOps practices and secure cloud-native architectures.

·       Remote work environment

·       Medical, dental and vision benefits within 30 days of hire 

·       Paid vacation and holidays

·       A fun team and special culture

·      Equipment Provided