VP of Information Security

United StatesRemoteFull-timeexecutive

SecurityOtherInformation Security

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

About Lyra Health Lyra Health is the leading provider of mental health solutions for employers supporting more than 20 million people globally.

Technical Tools

SecurityOtherInformation Security

About Lyra Health

Lyra Health is the leading provider of mental health solutions for employers supporting more than 20 million people globally. The company has delivered 13 million sessions of mental health care, published more than 20 peer-reviewed studies, and delivered unmatched outcomes in terms of access, clinical effectiveness and cost efficiency. Extensive peer-reviewed research confirms Lyra’s transformative care model helps people recover twice as fast and results in a 26% annual reduction in overall healthcare claims costs. Lyra is transforming access to life-changing mental health care through Lyra Empower, the only fully integrated, AI-powered platform combining the highest-quality care and technology solutions.

About the Role:

We are seeking an experienced and visionary VP of Information Security to lead and manage our organization's information security strategy, program, and operations. The VP will be responsible for protecting our technology systems, intellectual property, and data from evolving cyber threats. This role requires a strategic leader with deep technical expertise, strong business acumen, and the ability to communicate complex security concepts to both technical teams and executive leadership. This role reports into our Chief Product and Technology Officer.

Security Strategy and Governance:

Develop, implement, and maintain a comprehensive, long-term, global information security strategy aligned with business objectives and risk tolerance.

Refine and enforce security policies, standards, and procedures across the organization.

Report on the organization's security posture and risk profile to the executive team and the Board of Directors.

Security Operations and Incident Response:

Establish and lead the security operations center (SOC) and incident response teams.

Develop and execute an incident response plan to ensure swift detection, containment, and recovery from security breaches.

Oversee the management of security technologies.

Security Architecture and Technology:

Provide strategic direction for the design and implementation of secure enterprise and cloud infrastructure.

Stay current with emerging cybersecurity threats, technologies, and best practices.

Evaluate and recommend new security technologies and services to enhance the organization's defenses.

Risk Management and Compliance:

Lead the identification, assessment, and mitigation of security risks and vulnerabilities.

Ensure the organization's compliance with relevant industry standards and regulatory frameworks (e.g., GDPR, HIPAA, ISO 27001, SOX).

Vendor and Third-Party Risk:

Manage and assess the security risks associated with third-party vendors and partners.

Continue hardening vendor risk management program to ensure supply chain security.

Leadership and Team Management:

Mentor, and lead a high-performing information security team.

Continue fostering a culture of cybersecurity awareness across all departments through training and communication programs.

Maintain strong working relationships with cross-functional teams, including DevOps, IT, Legal, Privacy, Engineering, Data and integrate security into business processes.

Bachelor's degree in Computer Science, Information Security, or a related field.

12+ years of progressive experience in information security, with at least 5 years in a senior leadership role.

Proven experience in developing and executing an enterprise-wide, global information security program.

Demonstrated experience in managing security incidents and leading crisis response efforts.

Bonus points for experience leading one or more of HiTrust, ISO, SOC, FedRamp/GovRamp audits.

Certified Information Systems Security Professional (CISSP)

Certified Information Security Manager (CISM)

Certified in Risk and Information Systems Control (CRISC)

Certified Chief Information Security Officer (CCISO)