About The Position
VI is the market leading Enterprise-AI platform for health, serving the world’s largest health organizations — from Fortune 500 health providers to pharma and consumer brands — helping them maximize acquisition, enrollment, engagement, retention, and health outcomes. Vi offers 3 main product lines: Acquire, Engage and Transform.
Backed by $60M+ in R&D, our powerful platform serves over 100 million members daily — and growing. We are based in New York, Austin, Nashville & Tel Aviv.
As VI’s Director of InfoSec, you’ll spearhead our security initiatives, safeguarding our day-to-day operations. Your role is pivotal in implementing and maintaining advanced security technologies, continuously monitoring threats, and adeptly responding to potential security incidents. You will maintain and refine our security policies and procedures, ensuring alignment with VI’s overarching business goals.
Your responsibilities extend to educating our employees on security best practices and fortifying their ability to identify and mitigate risks. Collaborating across departments, you’ll ensure that our security strategies are seamlessly integrated with business operations.
- Develop, implement and monitor a strategic, comprehensive information security and IT risk management program
- Work directly with the business units to facilitate risk assessment and risk management processes
- Develop and enhance an information security management framework
- Interact with relevant teams through committees to ensure the consistent application of policies and standards across all projects, systems and services
- Partner with stakeholders across the company to raise awareness of risk management concerns
- Assist development teams, providing a knowledge and guidelines in matters concerning security and compliance
- Establish and operate an Information Security Management System (ISMS)
- Identify new security challenges and ensure action is taken to eradicate risks / ensure effective management of threats and security incidents
- Promote awareness of strategic initiatives and encourage self-sustaining security practices and behaviors within delivery teams
- Report IT situations, where there is an initial suspicion of criminal offenses, intentional acts, or significant irregularities & breaches of regulatory or security standards
- Review existing technical environments & policies globally, propose and manage changes to improve Information Security
- Display resilience and adaptability under demanding circumstances.
- Lead the renewal process of our SOC 2 Type II certification, ensuring continuous compliance and adherence to standards.
- Manage and respond to vendor risk assessments, ensuring alignment with our security protocols and maintaining robust security partnerships.
- At least 5 years of experience with Information Security (security researcher, security engineer, security architect) and 3 or more years of experience in a leadership position
- A bachelor’s degree in computer science, information security, or a related field.
- Deep knowledge in Information Security / ISMS
- Ability to find and analyze IT systems security vulnerabilities
- An understanding of past, current, and emerging security exploit types
- Skilled in consultancy, risk management, solution design and issue resolution
- Good understanding of IT infrastructure and technical security measures
- Experience in resource and vendor management
- Experience in cloud security including Docker and Containers
- Experience with AWS (GCP in addition is a plus)
- Good understanding of software development practices
- Understanding of log analysis and security forensics
- Experience of conducting and working with 3rd party suppliers to conduct penetration tests, both software and hardware
- Knowledge of information security management frameworks, such as ISO/IEC 27001, Soc 2, HIPAA, PCI and HITRUST
- Strong negotiation skills for negotiating contracts and IT support services to be rendered.
- Excellent understanding of current legislation and regulations relevant to our organization.
- Excellent project management and leadership skills.
- First-rate written and verbal communication skills.
- Demonstrate resilience under very demanding pressures and circumstances