Director, Information Security

🕒 May 14

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Bicycle Health

WebsiteLinkedInAll Job Openings

51 - 200 employees

Founded 2017

⚕️ Healthcare Insurance

📡 Telecommunications

🧘 Wellness

Healthcare Insurance • Telecommunications • Wellness

Bicycle Health is the #1 telehealth treatment program for Opioid Use Disorder in the U. S. , providing safe, confidential, and cost-effective treatment entirely online. This innovative company allows patients to access experienced healthcare professionals through a secure app, offering Medication Assisted Treatment (MAT) and support services tailored for those struggling with opioid addiction. With a focus on patient care, Bicycle Health has helped over 30,000 patients and is recognized as a TIME100 Most Influential Company for its impact in the addiction treatment space.

📋 Description

• Build the team, processes, and technical controls required to protect our highly sensitive patient data while navigating the intersection of HIPAA and 42 CFR Part 2. • Own the 12–24 month roadmap to achieve HITRUST Certification, ensuring that our security practices are not only effective but are measurable, auditable, and scalable. • Make our Information Security, Trust & Compliance practices a competitive differentiator for Bicycle Health.

🎯 Requirements

• Proven Audit Success: 10+ years in Information Security, with direct experience leading at least one organization through a successful HITRUST CSF or SOC2 Type II (healthcare focus) certification. • Healthcare Regulatory Expertise: Expert-level knowledge of HIPAA and a working understanding of 42 CFR Part 2. Experience managing the privacy nuances of controlled substance prescribing is a significant plus. • Startup-to-Enterprise Growth: Experience in a Series C+ environment, with the ability to build programs from the ground up while maintaining operational stability. • Technical Breadth: A strong background in both AppSec (securing SaaS products) and SecOps (defending cloud infrastructure). You should be comfortable speaking "code" with engineers and "risk" with the Board. • Leadership Persona: Exceptional communication skills with the ability to influence remote teams and drive cross-departmental initiatives. • Certifications: CISSP, CISM, or CCSFP (Certified CSF Practitioner) are highly desirable.

🏖️ Benefits

• Discretionary PTO + 8.5 days of additional sick time + 10 paid holidays • Paid parental leave • 100% Employer Paid Employee Medical, Dental, and Vision Insurance • Employer Paid STD & LTD • 401k • $50 monthly Remote Work Stipend