Vice President, Information Technology & Security

Summary

Join Virta Health as Vice President of Information Technology and Security, a critical leadership role responsible for defining and executing the security and IT vision. You will lead efforts to architect and build secure, scalable systems for mission-critical applications, ensuring enterprise security and IT operations enable productivity and resilience. This role blends deep technical expertise with strategic oversight and cross-functional leadership, impacting product design and employee experience. You'll be instrumental in enabling Virta's AI efforts to scale securely, allowing developers to focus on complex problem-solving. The position requires extensive experience in IT and cybersecurity, including senior leadership roles. Compensation is $225,000-$285,000 plus bonus and equity.

Requirements

• 15+ years of IT and cybersecurity experience, including 5+ years in senior leadership roles (VP, Senior Director)
• Proven leadership experience in both information security and corporate IT domains
• Demonstrated success securing enterprise applications and platforms, particularly in AI/ML or cloud-native environments
• Hands-on experience with IT framework, and cloud platforms such as Google Cloud Platform (GCP)
• Strong knowledge of secure software development practices, CI/CD, and developer enablement
• A track record of successfully managing IT operations, SaaS administration, endpoint security, and helpdesk experience
• Experience leading third-party certifications and audits (e.g., HIPAA, HITRUST, SOC 2, ISO 27001)
• Exceptional communication skills, with the ability to explain complex topics to technical and non-technical stakeholders, including Virta’s Executive leadership team and its Board of Directors
• A passion for enabling developers and employees by balancing security with usability

Responsibilities

• Lead product and application security strategy, including secure design, development, deployment, and monitoring
• Oversee secure configuration and continuous assessment of cloud environments (GCP), containers, APIs, and developer workflows
• Partner with engineering and product teams to embed secure-by-design practices and eliminate security and privacy risks early in the SDLC
• Drive secure delivery of our AI platform in compliance with regulatory and industry frameworks
• Own the full lifecycle of corporate IT, from onboarding to offboarding, including identity management, endpoint protection, and employee enablement
• Build and manage IT policies, practices, and tooling to ensure minimal friction for staff while maintaining rigorous security standards
• Oversee SaaS tool governance, device fleet security, and MDM configuration to protect company assets
• Ensure corporate infrastructure supports remote-first, distributed teams efficiently and securely
• Lead all aspects of security compliance programs and audits, including HIPAA, HITRUST, SOC 2, and ISO 27001
• Partner with legal, privacy, engineering, and operations to ensure risk assessments, policies, and controls meet evolving regulatory requirements
• Monitor controls for access, vulnerability management, incident response, and business continuity
• Hire, mentor, and manage high-performing teams across InfoSec, security engineering, and corporate IT
• Cultivate a culture of transparency, ownership, and continuous improvement
• Educate and empower employees on secure practices and foster cross-functional collaboration

Preferred Qualifications

• Experience in a high-growth startup or remote-first company
• Familiarity with MDM tools, SSO/IDP platforms (e.g., Okta), and SIEM solutions

Benefits

• Bonus and equity
• Remote work