Information Security Lead

This is a fully remote position, open to applicants in United States.

📋 Description

• Take charge of the security program: Define and manage the company’s security initiative, which encompasses policies, controls, risk management, and the Information Security Management System (ISMS).

• Foster compliance and customer confidence: Oversee SOC 2 / HIPAA programs, audits, and all customer-facing security procedures (including questionnaires, due diligence, and reviews).

• Create practical security controls: Develop scalable security architectures and guidelines across cloud platforms, data, application systems, and internal IT.

• Empower the organization: Integrate security into the Software Development Life Cycle (SDLC) and internal processes, facilitating the controlled implementation of AI agents throughout the business.

⛳️ Requirements

• Proven experience in managing a security program within a startup or growth-stage enterprise (approximately 20–150 employees).

• In-depth knowledge of SOC 2 and HIPAA frameworks, including executing audits from start to finish and collaborating with security vendors.

• Capability to design effective security controls across AWS, application, and internal IT environments (Google Workspace + OSX).

• Proven ability to balance security, speed, and business requirements, along with effective communication with customers.

🏝️ Benefits

• Competitive salary and equity options.

• Flexible work hours and the ability to work remotely.

• Comprehensive health and wellness benefits.

• Opportunities for professional development and growth.