Director, Information Security
About the role
As the Director, Information Security, you will be the architect of our enterprise security posture during a pivotal stage of our growth. With tens of millions of dollars in revenue and a business still growing quickly, we are transitioning from "startup security" to an enterprise-grade program. Ultimately, the goal of this role is to make our Information Security, Trust & Compliance practices a competitive differentiator for Bicycle Health.
Your primary mission is to build the team, processes, and technical controls required to protect our highly sensitive patient data while navigating the intersection of HIPAA and 42 CFR Part 2. You will own the 12–24 month roadmap to achieve HITRUST Certification, ensuring that our security practices are not only effective but are measurable, auditable, and scalable. This is a role for a builder who understands that true security in healthcare requires a balance of rigorous engineering (AppSec/SecOps) and disciplined governance.
What We Are Looking For
- Proven Audit Success: 10+ years in Information Security, with direct experience leading at least one organization through a successful HITRUST CSF or SOC 2 Type II (healthcare focus) certification.
- Healthcare Regulatory Expertise: Expert-level knowledge of HIPAA and a working understanding of 42 CFR Part 2. Experience managing the privacy nuances of controlled substance prescribing is a significant plus.
- Startup-to-Enterprise Growth: Experience in a Series C+ environment, with the ability to build programs from the ground up while maintaining operational stability.
- Technical Breadth: A strong background in both AppSec (securing SaaS products) and SecOps (defending cloud infrastructure). You should be comfortable speaking "code" with engineers and "risk" with the Board.
- Leadership Persona: Exceptional communication skills with the ability to influence remote teams and drive cross-departmental initiatives. Demonstrated ability to mentor and develop security team members while fostering a collaborative, low-ego working environment across technical and non-technical stakeholders.
Certifications
CISSP, CISM, or CCSFP (Certified CSF Practitioner) are highly desirable.
Benefits
- Discretionary PTO + 8.5 days of additional sick time + 10 paid holidays
- Paid parental leave
- 100% Employer Paid Employee Medical, Dental, and Vision Insurance
- Employer Paid STD & LTD
- 401k
- $50 monthly Remote Work Stipend