Director of IT & Security, CISO

2 weeks, 6 days ago
Full-time
Executive
DevOps and Infrastructure
Redox

Redox is a top integration platform enabling seamless interoperability between healthcare software and EHRs, accelerating implementations, reducing costs, and empowering healthcare innovators to bring cutting-edge solutions to market efficiently.

Internet Software & Services
51-250
$95M raised

Description

  • Own the end-to-end security strategy across cloud, application, infrastructure, and corporate environments.
  • Define and execute a pragmatic security roadmap aligned to business risk, regulatory requirements, and engineering velocity.
  • Serve as executive owner for security posture, risk management, and incident response.
  • Drive a DevSecOps-first operating model by embedding security into CI/CD pipelines, infrastructure as code, and developer workflows.
  • Lead threat modeling, secure design reviews, and risk assessments for new platform initiatives.
  • Own security architecture and operations for a primarily AWS-based environment.
  • Lead application security programs including secure SDLC, dependency scanning, SAST/DAST, penetration testing, and vulnerability management.
  • Own identity and access management strategy, with Okta as the backbone.
  • Build and run security operations, including monitoring, investigation, incident response, and post-incident learning.
  • Own corporate IT strategy and execution, including end-user computing, device management, and SaaS access governance.
  • Drive automation and standardization across onboarding, offboarding, access management, and device lifecycle.
  • Lead and mentor a high-performing team across security engineering, security operations, and IT.

Requirements

  • 10+ years of experience in information security, IT, or related technical leadership roles.
  • 5+ years of people management experience, ideally in healthcare technology SaaS.
  • Experience leading security engineering, security operations, and corporate IT in a cloud-native SaaS environment.
  • Direct experience in healthcare or another highly regulated industry.
  • Proven track record implementing DevSecOps practices.
  • Deep hands-on experience securing AWS environments.
  • Strong understanding of endpoint security, identity systems, and modern SaaS IT stacks.
  • Practical knowledge of tools such as CrowdStrike, Okta, Flashpoint, RAD, and related platforms.
  • Strong foundation in application security, cloud security, and infrastructure as code.
  • Ability to work in the U.S. and reside/work in the continental U.S.
  • Preferred experience securing autonomous agentic loops and tool-calling frameworks.
  • Preferred experience with indirect prompt injection, human-in-the-loop guardrails, MCP security, and continuous compliance.
  • Preferred experience migrating security programs to Vanta or similar automated GRC platforms.
  • Preferred hands-on application of the NIST AI RMF and OWASP Top 10 for LLMs in production environments.

Benefits

  • Base salary range of $224,000 to $260,000 per year.
  • Stock options as part of the total rewards package.
  • 100% remote-first culture for U.S.-based employees.
  • Unlimited flexible time off.
  • 15+ observed holidays.
  • Rest & R^Charge days with a guaranteed three-day weekend each month.
  • R^Charge sabbatical: 6 weeks paid sabbatical plus stipend.
  • 401(k) match of 50% up to 8% starting on Day 1.
  • Medical, dental, and vision coverage starting on Day 1.
  • HSA, FSA, life, disability, medical travel, and employee assistance program benefits.
  • Paid parental leave of 16 weeks.
  • Productivity stipend and wellness fund.
  • Redox-issued MacBook.
  • Virtual and/or in-person team and company events.
  • Employee referral bonus program.
