Director of IT & Security, CISO

1 month, 1 week ago
Full-time
Executive
DevOps and Infrastructure
Redox

Redox is a top integration platform enabling seamless interoperability between healthcare software and EHRs, accelerating implementations, reducing costs, and empowering healthcare innovators to bring cutting-edge solutions to market efficiently.

Internet Software & Services
51-250
$95M raised

Description

  • Own the end-to-end security strategy across cloud, application, infrastructure, and corporate environments.
  • Define and execute a pragmatic security roadmap aligned to business risk, regulatory requirements, and engineering velocity.
  • Serve as executive owner for security posture, risk management, and incident response.
  • Drive a DevSecOps-first operating model by embedding security into CI/CD pipelines, infrastructure as code, and developer workflows.
  • Lead threat modeling, secure design reviews, and risk assessments for new platform initiatives.
  • Own security architecture and operations for a primarily AWS-based environment.
  • Lead application security programs including secure SDLC, dependency scanning, SAST/DAST, penetration testing, and vulnerability management.
  • Own identity and access management strategy, with Okta as the backbone.
  • Build and run security operations, including monitoring, investigation, incident response, and post-incident learning.
  • Own corporate IT strategy and execution, including end-user computing, device management, and SaaS access governance.
  • Drive automation and standardization across onboarding, offboarding, access management, and device lifecycle.
  • Lead and mentor a high-performing team across security engineering, security operations, and IT.

Requirements

  • 10+ years of experience in information security, IT, or related technical leadership roles.
  • 5+ years of people management experience, ideally in healthcare technology SaaS.
  • Experience leading security engineering, security operations, and corporate IT in a cloud-native SaaS environment.
  • Direct experience in healthcare or another highly regulated industry.
  • Proven track record implementing DevSecOps practices.
  • Deep hands-on experience securing AWS environments.
  • Strong understanding of endpoint security, identity systems, and modern SaaS IT stacks.
  • Practical knowledge of tools such as CrowdStrike, Okta, Flashpoint, RAD, and related platforms.
  • Strong foundation in application security, cloud security, and infrastructure as code.
  • Ability to work in the U.S. and reside/work in the continental U.S.
  • Preferred experience securing autonomous agentic loops and tool-calling frameworks.
  • Preferred experience with indirect prompt injection, human-in-the-loop guardrails, MCP security, and continuous compliance.
  • Preferred experience migrating security programs to Vanta or similar automated GRC platforms.
  • Preferred hands-on application of the NIST AI RMF and OWASP Top 10 for LLMs in production environments.

Benefits

  • Base salary range of $224,000 to $260,000 per year.
  • Stock options as part of the total rewards package.
  • 100% remote-first culture for U.S.-based employees.
  • Unlimited flexible time off.
  • 15+ observed holidays.
  • Rest & R^Charge days with a guaranteed three-day weekend each month.
  • R^Charge sabbatical: 6 weeks paid sabbatical plus stipend.
  • 401(k) match of 50% up to 8% starting on Day 1.
  • Medical, dental, and vision coverage starting on Day 1.
  • HSA, FSA, life, disability, medical travel, and employee assistance program benefits.
  • Paid parental leave of 16 weeks.
  • Productivity stipend and wellness fund.
  • Redox-issued MacBook.
  • Virtual and/or in-person team and company events.
  • Employee referral bonus program.
