VP Technology (Information Security)

About Lantern

Lantern is the specialty care platform connecting people with the best care when they need it most. By curating a Network of Excellence comprised of the nation's top specialists for surgery, cancer care, infusions and more, Lantern delivers excellent care with significant cost savings to employers and their workforces. Lantern also pairs members with a dedicated care team, including Care Advocates and nurses, for the entirety of their care journey, helping them get back to good health, back to their families and back to work. With convenient access to specialists nationwide, Lantern means quality care is within driving distance for most. Lantern is trusted by the nation's largest employers to deliver care to more than 6 million members across the country. Learn more about us at lanterncare.com. 

About You:

• You use LOGIC in your decision making and understand that progress is critical to making change. You focus on the execution of your content while balancing a fast-paced environment and you take the time to celebrate both the small & big wins. 
• INCLUSION is a core tenant of your personal beliefs. A diverse and inclusive environment is incredibly important to you. You understand and desire to be a part of a diverse team with different experiences and perspectives & you cherish the differences in each individual that you interact with.
• You have the GRIT, drive and ambition to tackle big problems. Big problems require big ideas and a team that supports new ideas. 
• You care deeply for your customers are driven to keep HUMANITY in all decisions. Your customers aren’t just the individuals using your product. They are the driving factor in your motivation to make a change.
• Integrity guides you in life. Focusing on the TRUTH vs. giving people the answers they want to hear. 
• You thrive in a Team Environment. Collaboration is key in innovation and creating change.

These pillars of LIGHT are a reminder to our team that we are making a difference by providing guidance and support in navigating the often complex and confusing landscape of healthcare. We hope that through this LIGHT, individuals can find their way to the best care, resources, and support they need to get back to life. 

If this sounds like you, we would love to connect to speak further about career opportunities at Lantern.

Please apply to our role & someone from our Talent Acquisition Team will reach out to help you navigate our interview process.

VP Technology - Information Security

In this role, you will be responsible for managing the information security program and execution of overall security and technology compliance operations to ensure Lantern information assets and technologies are adequately protected. You with allocated staff members, and where applicable, outsourcing partners will work to identify, develop, implement, and maintain processes and technologies across the company to ensure security risks are adequately monitored, mitigated, and managed. Your ownership will span across various technical security and compliance functions that includes Access management, Incident response, technical audit/risk assessment, vulnerability management, and other security operations for Lantern. as expected by the CIO, CEO, and the Executive Management Team (EMT).

Reporting to the CIO, this role:

• Ensures the security program is effective in identifying, detecting, responding to, and recovering from cybersecurity events.
• Represents Information Security to the rest of the company, ensuring the security program evolves to keep pace with the dynamic threat environment.
• Serves as the interface between the CIO’s strategic activities and the cybersecurity technology-focused needs of the IT organization.
• Translates IT risk requirements and business constraints into actionable specifications, developing metrics for ongoing performance measurement and reporting.
• Coordinates technical activities to implement and manage security infrastructure, providing regular status updates and service-level reports to the CIO.
• Leads and prioritizes security team efforts, balancing operational tasks with strategic security initiatives.
• Allocates security-related responsibilities across internal teams to ensure capacity needs are met.
• Manages vendor relationships related to security needs, ensuring effective performance and alignment with organizational goals.
• Represents strategic security intent, program progress, and operational metrics to the Lantern Technology leadership team and at cross-departmental leadership panels.
• Oversees incident response leadership, ensuring effective coordination during high-stakes cybersecurity events.
• Fosters an organizational culture of security awareness, driving collaboration across departments and stakeholders.

Responsibilities and Duties

• Develop a forward-looking security vision and program, along with security projects that address identified risks and evolving business requirements.
• Establish and manage Information Security standards and procedures aligned with generally accepted practices and professional security frameworks.
• Ability clearly communicate (tell the story) and keep all concerned stakeholders informed of the Security roadmap and key updates.
• Have analytical skills to work with data, identify trend metrics, formulate action plan and show quantifiable outcomes or changes.
• Define security metrics and reporting strategies that effectively communicate program successes, risks, and progress toward organizational goals.
• Build alignment between security metrics and broader business KPIs to demonstrate the strategic impact of the security program.
• Oversee operational components of threat and cyber-attack management, including detection, response, recovery, and reporting.
• Lead the technical compliance and audit program, ensuring LANTERN maintains critical accreditations, such as SOC 2 Type 2 and HITRUST, and remains responsive to evolving regulatory landscapes.
• Identify and assess current and future threats, providing a realistic and actionable overview of organizational risks.
• Define and oversee risk treatment strategies, integrating them into overall business objectives and communicating residual risks to stakeholders.
• Design and oversee practices for evaluating, testing, and implementing new security technologies, ensuring alignment with business goals.
• Provide technical and managerial leadership for security tools, infrastructure, and operations.
• Monitor compliance and recommend updates to policies and procedures to enhance efficiency and regulatory adherence.
• Manage vendor performance for outsourced security functions, ensuring alignment with organizational objectives and security standards.
• Oversee security testing procedures, including penetration tests, vulnerability assessments, and remediation strategies.
• Collaborate with stakeholders (IT, Legal, Finance, Operations, etc.) to identify data asset owners and classify systems within a control framework.
• Lead the development of an incident response plan, managing security incidents, production issues, and change management processes.
• Facilitate security communication, training, and awareness programs across the organization to foster a security-first culture.
• Lead and manage a team of security professionals, including hiring, coaching, and conducting performance reviews.
• Integrate emerging technologies (e.g., AI, ML) into security strategies to address evolving threats and improve operational efficiency.
• Work on special projects as requested and perform other duties as assigned.

Qualifications

• A bachelor’s or master’s degree in information systems, cybersecurity, or equivalent work experience.
• Specific background in cloud infrastructure and/or network architecture/security is highly preferred.
• 10+ years of IT experience, including 3+ years in a senior-level information security role.
• Relevant certifications, such as HCISPP, CISM, or CISSP, are highly preferred.
• Strong experience in healthcare-related security and compliance frameworks (e.g., HIPAA, HITRUST).
• In-depth knowledge of information security management frameworks, such as ISO-27001, NIST Cybersecurity Framework, CSA, and HITRUST CSF.
• Proven expertise in application and technology security testing, including white box, black box, and vulnerability scanning/penetration testing.
• Familiarity with cryptography, cryptanalysis, and secure data management practices.
• Demonstrated ability to integrate emerging technologies (e.g., AI/ML) into cybersecurity strategies.
• Strong understanding of the business impact of security tools, technologies, and policies.
• Excellent verbal and written communication skills, with the ability to engage effectively with technical teams, business stakeholders, and executives.
• Experience working with legal, audit, and compliance teams to ensure adherence to regulatory and contractual obligations.
• Proven ability to develop and maintain policies, procedures, standards, and guidelines that enhance organizational security.
• Proficiency in performing risk assessments, control evaluations, and defining risk treatment strategies.
• Exceptional analytical and critical thinking skills, with the ability to relate security controls to business priorities.
• Strong leadership abilities, with a track record of driving a security-first culture across an organization.

Lantern does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.