Director of Infrastructure and Security

PE-backed start-up, DoseSpot is a dynamic and innovative leader in the electronic prescribing software market, and its subsidiary, pVerify, is an industry leading insurance verification solution. We are on a hyper-growth curve at the intersection of the software and healthcare industries. We need great team members to capitalize on these opportunities and improve the healthcare experience for patients and doctors alike. DoseSpot and pVerify have an exciting opportunity to join a fun and growing team, benefit from strong market tailwinds, and be part of an exciting opportunity to ensure mission-critical prescriptions and verifications are delivered on time and without error. 

About the Role: 

We are seeking a highly skilled, experienced Director of Infrastructure and Security to lead our cybersecurity strategy. You will play a critical role in ensuring the security and integrity of our software, systems, and data, and maintaining compliance with relevant regulations. In this highly visible and impactful role, you will work closely with others in the leadership team and across other departments.

Your Responsibilities: 

• Information Security Strategy: Develop and implement a comprehensive cybersecurity strategy that aligns with the company's business goals and objectives. 

• Security Governance: Establish and oversee the company's security governance framework and ensure the integration of security into all aspects of the business. 

• Risk Management: Identify, assess, and prioritize cybersecurity risks, and develop strategies to mitigate these risks effectively. 

• Compliance: Ensure compliance with industry regulations, standards, and legal requirements related to cybersecurity, including HIPAA, SOC2, and HITRUST. 

• Security Policies and Procedures: Develop, maintain, and enforce security policies, standards, and procedures to protect company assets and data, including validating and providing suggestions on Application Security and end-to-end Security controls. 

• Incident Response: Develop and oversee the incident response plan, ensuring that the company is well-prepared to respond to and recover from cybersecurity incidents. 

• Security Awareness: Promote a culture of cybersecurity awareness throughout the organization by providing training and educational programs. 

• Vendor Security: Evaluate and manage third-party vendor security risks and relationships. 

• Security Technology: Oversee the selection, implementation, and management of security technologies and tools, including firewalls, intrusion detection systems, and encryption. 

• Security Metrics and Reporting: Establish key performance indicators (KPI’s) and metrics to measure the effectiveness of cybersecurity efforts and report to executive leadership and the board, as needed.

• Leadership: Lead your team by building, developing, and mentoring the growth of the security team and oversee the day-to-day activities. 

Qualifications: 

• Education:

  • Bachelor’s degree in computer science, Information Systems, or a related field

  • A certification in CISSP, CISM, or CISA is highly preferred  

• Experience:

  • 8+ years of experience in information security or a similar role with at least 5 years of senior leadership experience 

  • Minimum of 3 years of experience working in a cloud infrastructure 

  • Previous healthcare experience with a solid understanding of HIPAA compliance  

• Skills

  • In-depth knowledge of cybersecurity principles, best practices, and industry standards 

  • Strong understanding of relevant regulations and compliance requirements 

  • Excellent communication and people skills, with the ability to influence and collaborate at all levels of the organization 

  • Exceptional problem-solving and decision-making abilities 

You’ll enjoy this role if: 

• You have proven success in developing and implementing successful cybersecurity strategies that align with business objectives 

• You operate as a strategic senior leader by creating a vision and goals for the function 

• You’re a cybersecurity leader with a passion for protecting data and practical experience to drive information security maturity  

You won’t enjoy this role if: 

• You're not looking to be hands on. While this is a strategic senior role, we do expect that this individual will help contribute to the security goals and tasks, as needed. 

Benefits and Perks:

🌍Remote work environment with a flexible work schedule to encourage work-life balance

✈Annual company offsite

🌴Generous leave package including flexible time off policy that encourages team members to take time off to relax and recharge; plus 13 paid holidays, paid sick leave, and paid parental leave

💙 Medical, dental, and vision insurance for you and your family, plus a company funded FSA & HSA, dependent on which medical plan you choose

💰401(k) company match

💸One-time workspace reimbursement to help you optimize your remote workspace

DoseSpot is an Equal Employment Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.