Job Description:
• Own and operate the end-to-end enterprise cybersecurity program, including strategy, architecture, operations, governance, and compliance.
• Establish a multi-year security roadmap aligned with business priorities, technology evolution, and regulatory requirements.
• Drive program maturity, ensuring continuous improvement across all domains of cybersecurity. Ensure security is integrated into enterprise planning, product development, and operational execution.
• Develop and maintain a risk-based cybersecurity investment framework to prioritize initiatives and allocate resources effectively.
• Lead architectural decisions across identity and access systems, data protection and encryption strategies, network and zero-trust architectures, and secure platform design for clinical and genomic systems and for agentic workflows.
• Present regular updates to executive leadership on cyber risk posture, threat landscape, program maturity, and incident readiness and response. Lead Board-level discussions on cybersecurity strategy, risk tolerance, and investment priorities.
• Define and execute a strategy for AI-assisted cybersecurity operations, leveraging machine learning, automation, and advanced analytics to enhance detection and response capabilities.
• Build a highly automated, intelligence-driven SecOps function that minimizes manual intervention and improves speed and accuracy of threat identification and remediation.
• Drive adoption and optimization of modern security platforms, including next-generation SIEM/SOAR, CNAPP/CSPM, EDR/XDR, and identity intelligence platforms. Leverage AI/ML to improve signal-to-noise ratio in security alerts, detect anomalous behavior across security domains, and automate triage, investigation, and response workflows.
• Integrate AI capabilities into threat intelligence, vulnerability management, and risk analysis processes. Continuously evaluate emerging AI security tools and capabilities, balancing innovation, risk, and operational value.
• Oversee enterprise security operations including monitoring, detection, and response. Lead incident response and crisis management, ensuring rapid containment and recovery.
• Own compliance strategy across frameworks including SOC 2, ISO 27001, and NIST. Ensure alignment with healthcare and global data protection regulations (HIPAA, GDPR, CCPA).
Requirements:
• 20+ years of progressive cybersecurity leadership experience.
• Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or a related technical field required. Advanced degree (Master’s or PhD) is strongly preferred.
• Proven experience owning and operating an enterprise-wide cybersecurity program, including strategy, execution, and governance. Strong track record of building modern, engineering-led security organizations in cloud-native environments.
• Comfortable operating in high-growth, high-complexity environments. Experience building and scaling security programs in cloud-native, high-growth environments.
• Deep, practical expertise across: cloud security architecture (CSPM, CNAPP, workload security); identity and access management (IAM, SSO, zero trust); detection and response (SIEM, SOAR, EDR/XDR); application and API security; data security, encryption, and DLP; DevSecOps and secure SDLC practice.
• Strong balance of technical depth (architecture, cloud, security engineering) and strategic leadership (program ownership, executive influence).
• Hands-on experience implementing or operating AI-assisted security tools and automation frameworks.
• Demonstrated success engaging with executive leadership and Boards on cybersecurity risk and investment decisions.
• Experience developing risk-based investment strategies and prioritization frameworks. Ability to translate cybersecurity complexities into executive and Board-level communications.
• Exceptional executive communication and storytelling skills.
• Proven ability to influence senior leadership and drive alignment on complex risk and investment decisions.
Benefits:
• Annual performance incentive bonus
• Long-term equity awards
• Comprehensive health benefits (medical, dental, vision)
• 401(k) with company match
• Generous paid time off and company holidays
• Additional wellness and work-life benefits