Chief Information Security Officer

at SimplePractice
  • $260k-$310k
  • Remote - United States

Remote

Cybersecurity

Executive

Job description

About Us

At SimplePractice, our team is dedicated to improving the health and wellness industry by building a suite of innovative solutions for practitioners and their clients. Our product supports practitioners on their clinical journey to becoming licensed, helps them manage their business and practice once they’re up and running, and enables new clients to discover and interact with practitioners. Taking a practitioner-first approach in everything we do makes it possible for health and wellness practitioners to devote more time to their clients while they use SimplePractice to start, grow, and maintain a successful private practice.

The Role

As the Chief Information Security Officer you will develop, implement and maintain a comprehensive cybersecurity, application security, and risk management strategy. The CISO will head our security organization, which  is responsible for all aspects of information security within the company and will lead our compliance efforts in the areas of strategy, enforcement, auditing, detection, prevention and response.

This is a VP level role that will report to the Chief Legal Officer and will work closely with the CEO, executive team and the Board. The CISO will be ultimately responsible for ensuring that the security and privacy needs of our customers are met or exceeded while aligning the security strategy with business goals.

The ideal candidate for this role will have all of the requisite experience and skills to lead the internal efforts to secure our production and corporate environments in the heightened threat environment today. An ideal CSO candidate has the experience of building a cybersecurity program from the ground up and is a strong, execution-oriented individual. In addition, we view security and security compliance as strategically differentiated in our product offering and the CISO will be expected to demonstrate strong business acumen and a history of working with the business teams to drive commercial success.

Finally we expect our CISO to educate, evangelize, and promote a culture of security as a shared responsibility for all team members and provide the necessary tools and education to succeed.

Responsibilities:

  • Create and own execution of the long-term cybersecurity and application security vision, strategy and roadmap, aligned with SimplePractice’s growth and product roadmap
  • Protect the privacy, availability, and integrity of client data
  • Establish proactive security measures to detect, prevent and mitigate cyberattacks (threat intelligence)
  • Partner with teams across the organization to establish and sustain a security-conscious culture, including the development and implementation of security policies, standards, guidelines and awareness programs
  • Provide thought leadership on contemporary security operations and be a market leader in establishing trust through security
  • Support GTM strategies to utilize security and compliance for commercial benefit
  • Anticipate strategic and scaling-related difficulties through collaborative long-term planning with key stakeholders, including  identifying, assessing, and mitigating security risks.
  • Conduct ongoing evaluations of SimplePractice’s risk profile, identifying gaps and implementing a robust risk management framework
  • Oversee the management of enterprise-wide cybersecurity programs, including incident response and crisis management, 24x7 security operations, security architecture, security contingency plans and threat intelligence
  • Identify and mitigate security risks, recommending both technical and business controls to prevent vulnerabilities
  • Ensure compliance with applicable security regulations (such as HIPAA, HITRUST, PCI)
  • Obtain and maintain certifications that establish credibility in the marketplace. Deliver overall strategy for future certifications.

Desired Skills & Experience:

  • 12-15+ years of experience building and scaling information security, risk management and compliance programs within large, complex organizations
  • Previous experience as a CISO or equivalent at a SaaS company or healthcare provider.  Preference given to candidates with prior experience in digital health and/or to candidates with Product Led Growth and small business customer base
  • Deep expertise in security, privacy and IT audit frameworks, such as HITRUST CSF and regulatory standards such as HIPAA and PCI
  • Extensive experience with risk management, incident response, crisis management threat intelligence and developing secure business practices
  • Strong experience in technical security areas including penetration testing, vulnerability management, mobile security, cloud security and network security
  • Experience with secure coding practices, identity and access management and security incident response
  • Strong communication skills with demonstrated ability to communicate complex surety concepts to executive leaders, to customers and other non-technical audiences
  • Experience working with high velocity software deployment environments
  • Demonstrated people management skills - ability to motivate, mentor and grow a small team of highly committed security professionals while balancing strategic vision and day-to-day operations
  • A passion for helping private practices thrive in the mental wellness space
  • Bachelor’s degree in a related field; advanced certifications such as CISSP, CISM or CISA preferred

Base Compensation Range

$260,000 - $310,000 annually

Base salary is one component of total compensation. Employees may also be eligible for an annual bonus, equity or commission. Some roles may also be eligible for overtime pay.

The above represents the expected base compensation range for this job requisition. Ultimately, in determining your pay, we’ll consider many factors including, but not limited to, skills, experience, qualifications, geographic location, and other job-related factors.

Benefits

We offer a competitive benefits program including:

  • Medical, dental, vision, life & disability insurance
  • 401(k) plan with company match
  • Flexible Time Off (FTO), wellbeing days, paid holidays, and summer Fridays
  • Mental health resources
  • Paid parental leave & Backup Care
  • Tuition reimbursement
  • Employee Resource Groups (ERGs)

California Job Applicant Privacy Notice

Thank you for your interest in opportunities at SimplePractice LLC (“SimplePractice” or “us” or “we” or “our”). Please note that when you submit your resume or application materials to us for employment purposes, you are subject to the SimplePractice California Job Applicant Privacy Notice.

For more information about our privacy practices, please contact us at [email protected].

Share this job:
Please let SimplePractice know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

SimplePractice logo

SimplePractice

  • 201-500 employees
  • Founded in 2012
  • 16 remote jobs

Latest Jobs at SimplePractice

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply now