Location: Remote (U.S. based, EST hours preferred)
Type: Full-Time | Reports to: Chief Technology Officer
Compensation: $150,000–$180,000 + up to 25% Annual Bonus


🏢 About the Role

Health-E Commerce is seeking a Chief Information Security Officer (CISO) to own and execute a forward-thinking information security strategy. As a key member of the Technology Leadership Team, the CISO will be responsible for maintaining enterprise-wide security standards, ensuring compliance with regulations and frameworks such as HIPAA, HITRUST, and PCI DSS, and building a scalable security culture that protects our growing digital infrastructure.

This is a hands-on leadership role—ideal for someone ready to drive strategic initiatives, manage a lean security team, and collaborate across departments to protect sensitive data and ensure consumer trust.


🎯 Responsibilities

Strategy & Governance

  • Develop and lead a comprehensive information security strategy
  • Align cybersecurity efforts with business goals and regulatory requirements
  • Report risks, strategies, and incidents to executive leadership and the board

Compliance & Risk

  • Maintain compliance with HIPAA, PCI DSS, and HITRUST, and alignment with NIST frameworks
  • Conduct regular risk assessments and implement remediation plans
  • Oversee and perform audits, assessments, and incident responses

Security Operations

  • Lead Security Operations Center (SOC) and threat intelligence efforts
  • Deploy and manage tools like WAFs, endpoint protection, intrusion detection, and DDoS mitigation
  • Monitor for vulnerabilities, bot attacks, credential stuffing, and API threats

Data Protection & Privacy

  • Enforce robust data protection measures including encryption and access control
  • Collaborate with Legal and Compliance on data privacy regulations (CCPA, GDPR)

Culture & Leadership

  • Build and mentor a team of security analysts
  • Lead employee security training and awareness
  • Promote a security-first culture across the organization

🧠 Requirements

  • 15+ years of Cybersecurity experience with recent hands-on technical involvement
  • Bachelor’s in Computer Science or related field; Cybersecurity certifications strongly preferred
  • Proven experience maintaining HITRUST certification and HIPAA/PCI DSS compliance in a D2C/e-commerce environment
  • Experience hiring, coaching, and leading security teams
  • Ability to collaborate cross-functionally with Engineering, IT, Legal, Compliance, and Ops

💸 Compensation & Perks

  • Base Salary: $150,000–$180,000
  • Bonus: Up to 25% Annual Performance Bonus
  • Remote: 100% U.S.-based with EST hours
  • Benefits Include:
    • Medical, Dental, Vision
    • 401(k) with company match
    • Paid parental & bonding leave
    • Monthly internet & wellness reimbursements
    • Certification support & leadership coaching
    • Mental health resources
    • Generous PTO & company-wide holiday closures

Join a mission-driven company shaping the future of healthcare commerce, while leading a high-impact cybersecurity program that protects millions of users.