A fast-growing, data-driven organization in the healthcare space is seeking a Head of Information and Data Security to define and lead enterprise-wide cybersecurity strategy. Reporting directly to the COO, this executive will safeguard critical data assets, ensure compliance with regulatory standards, and serve as a key advisor to leadership and the board.

Key Responsibilities:

• Strategy & Governance: Build and execute a cybersecurity roadmap aligned with business priorities and regulatory frameworks (HIPAA, GDPR, ISO, etc.). Present risk and mitigation plans to executive leadership and board members.
• Risk & Compliance: Lead enterprise cyber risk management and ensure security controls align with HIPAA, SOC2, ISO 27001, SOX, and related standards. Oversee vendor risk and audit preparedness.
• Architecture & Operations: Own security architecture across cloud and hybrid environments (AWS, Azure, OCI), and manage incident response, endpoint protection, and SIEM operations.
• Cross-Functional Leadership: Collaborate with key teams in Technology, Infrastructure, Legal, Product, and Compliance to embed security into business operations. Champion a culture of security awareness across the organization.
• Team Building: Grow and lead a high-performing security function. Manage vendor relationships, team resourcing, and budget planning.

Qualifications:

• 10+ years of experience in information security or IT risk, including 8+ in a leadership capacity.
• Expertise in regulated industries, especially healthcare, biotech, or life sciences.
• Deep knowledge of security frameworks: HIPAA, ISO 27001, PCI, SOX, FDA cybersecurity guidelines.
• Proven success with IAM, cloud security, SIEM, and incident response.
• Exceptional communication skills with the ability to convey risk in business terms.
• Certifications such as CISSP, CISM, or CCISO strongly preferred.