📋 Description

• Take charge of the security program: Define and manage the company's security initiatives, encompassing policies, controls, risk management, and the Information Security Management System (ISMS).

• Lead compliance and build customer trust: Oversee SOC 2 and HIPAA programs, audits, and all security processes that involve customer interactions, such as questionnaires, due diligence, and reviews.

• Develop pragmatic security controls: Create scalable security architectures and guidelines across cloud infrastructures, data systems, application environments, and internal IT.

• Empower the organization: Integrate security into the Software Development Life Cycle (SDLC) and internal processes, including the strategic adoption of AI agents throughout the business.

⛳️ Requirements

• Proven experience managing a security program within a startup or growth-stage company (approximately 20–150 employees).

• Strong expertise in SOC 2 and HIPAA environments, including the ability to conduct audits from start to finish and collaborate with security vendors.

• Capability to design effective security controls across AWS, application, and internal IT systems (such as Google Workspace and OSX).

• Demonstrated ability to balance security, speed, and business requirements, along with effective customer-facing communication skills.