This Role:

- The Senior Director Information Security at LogixHealth will lead the efforts to ensure the organization and our partners are as secure as possible.

- This role will help ensure that security is always front and center across all our products, systems, platforms and tools within our ever growing environment.

- This role will work with a globally distributed team of engineers working in our fast-paced environment.

- The ideal candidate will have technical expertise in modern cyber security and the ability to build and manage a high functioning team cyber security team within a large technology organization.

- They will leverage technology and tools to be able to further improve security management.

- They will need to understand complex systems and bring their own ideas for incremental improvements and understand the business use cases of our products & data.

- They should have excellent interpersonal communication skills and the ability to mentor and guide engineers.

Key Responsibilities:

- Comprehensively manage cyber security in the organization.

- Enhance security & monitoring platforms within our environment.

- Cross functional collaboration with Product Development, Data Development & Security teams.

- Operational excellence in risk identification & mitigation.

- Increase efficiency across security operations through improved platforms and increased adoption of automation and tooling.

Qualifications:

- The following requirements are representative of the knowledge, skills, and/or ability required to perform this job successfully.

- Reasonable accommodation may be made to enable individuals with disabilities to perform the duties.

Required:

- 10+ years contributing to / leading cyber security in an organization

- Lead, develop, and inspire a high-performing cybersecurity, compliance, and risk management team.

- Establish and manage governance frameworks for data security, privacy, and risk.

- Oversee incident response, breach management, and disaster recovery planning with a focus on minimizing impact to healthcare data and operations.

- Implement and monitor data encryption, access control, and identity management frameworks for sensitive healthcare information.

- BS (or higher, MS / PhD) degree in Cyber Security / Information Security / related field, or equivalent technical experience

- Deep knowledge of security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), security information and event management (SIEM), and endpoint protection.

- Strong understanding of network protocols, operating systems, and cloud security is essential.

- Cross functional understanding of engineering practices across data, product & infrastructure.

- In-depth knowledge of HIPAA, HITECH, HITRUST, GDPR, and healthcare-specific security frameworks.

- Experience managing security in cloud and hybrid healthcare data environments (AWS, Azure, GCP).

- Strong understanding of EHR systems, health data interoperability, APIs, and secure data exchange standards (HL7, FHIR).

- Expertise in risk management, privacy, compliance, and security operations.

- Ability to balance stringent compliance requirements with business enablement.

- Lead, develop, and inspire a high-performing cybersecurity, compliance, and risk management team.

- Establish and manage governance frameworks for data security, privacy, and risk.

- Oversee incident response, breach management, and disaster recovery planning with a focus on minimizing impact to healthcare data and operations.

- Implement and monitor data encryption, access control, and identity management frameworks for sensitive healthcare information.

- Passion for mentoring and guiding others.

- Strong written and verbal communication skills.

Preferred:

- Experience with globally distributed workforce

- Professional certifications such as Certified Information Systems Security Professional (CISSP),

- Certified Information Security Manager (CISM), or CISSP-ISSMP

- Incident response experience & program management including developing and testing incident response plans