Position Details

Type Full-Time

Experience executive

Exp. Years 10+ years

Education Not specified

Category Cybersecurity

About this role

Executive-level information security leader responsible for HIPAA/privacy/compliance, HITRUST and SOC 2 readiness, and security operations for a remote, high-growth healthcare technology company.

Key Responsibilities

Lead InfoSec and IT teams
Maintain HITRUST and SOC 2 Type II attestation
Lead security incident response
Oversee vulnerability management and threat detection
Drive vendor risk management and third-party security oversight

Technical Overview

Oversees cloud and application security, SIEM and monitoring, incident response, and vendor risk; partners with Legal, Compliance, Engineering, and Product to embed security into product development and operations.

Ideal Candidate

An experienced information security executive with HIPAA-compliant, high-growth healthcare tech background, holding HITRUST and SOC 2 Type II attestations, capable of scaling security programs and guiding cross-functional teams.

Must-Have Skills

Experience leading Information Security in a HIPAA-complianthigh-growth tech environment (100+ employees)HITRUST (MyCSF) certification and SOC 2 Type II attestationExperience scaling a company through significant growth (50-250+ employees)Background in telehealthExperience managing and mentoring small teamsCloud environmentsSIEM and security monitoring toolsVulnerability managementIncident response leadershipVendor risk managementSecurity architecture expertise

Nice-to-Have Skills

CISSPCRISCSecurity certificationsTelehealth security experience

Tools & Platforms

SIEMsecurity monitoring toolscloud platforms

Required Skills

Information SecurityHIPAAHITRUSTSOC 2 Type IIVulnerability managementThreat detectionIncident responseVendor risk managementSecurity architectureCloud securitySIEMSecurity monitoringTelehealthAWSCISSPCRISC

Hard Skills

HIPAAHITRUST (MyCSF)SOC 2 Type IIVulnerability managementThreat detectionIncident responseVendor risk managementSecurity architectureCloud securitySIEMSecurity monitoringSecurity operationsTelehealthAWSCISSPCRISC

Soft Skills

leadershipcross-functional collaborationinfluence without authoritycommunication

Certifications

Required

HITRUST (MyCSF)SOC 2 Type II

Preferred

CISSPCRISC

Industry & Role

Industry Healthcare & Medical

Job Function Strategic and hands-on information security leadership to protect healthcare data and enable scalable growth.

Role Subtype Executive & General Management

Tech Domains Cybersecurity, Cloud Security, Security Operations, SIEM, Incident Management

Keywords for Your Resume

VPInformation SecurityHIPAAHITRUST (MyCSF) certificationSOC 2 Type II attestationVulnerability managementThreat detectionIncident responseVendor risk managementSecurity architectureCloud securitySIEMSecurity monitoringTelehealthCISSPCRISCsecurity governancerisk managementremoteinformation securityhipaahitrust mycsfsoc 2 type iivulnerability managementincident responsevendor risk managementcloud securitysiemtelehealth

Deal Breakers

Lack of HIPAA/compliance experience, No HITRUST or SOC 2 Type II experience, No leadership experience in security

Apply for this Position →

Get matched to jobs like this

Luna finds roles that fit your skills and career goals — no endless scrolling required.

Create a Free Profile

VP, Information Security

Get matched to jobs like this