At Collective Health, we’re transforming how employers and their people engage with their health benefits by seamlessly integrating cutting-edge technology, compassionate service, and world-class user experience design.

We all depend on healthcare throughout our lifetimes, for ourselves, and our families and friends, but it is notoriously difficult to navigate and understand. As an industry that comprises 20% of the US economy we think healthcare should work better for all of us. At Collective Health we believe it’s time for a new day in healthcare where as members we are informed and empowered to make the right care choices when the decisions are urgent and critical.

The CISO and Vice President of Engineering will be responsible for overseeing the strategic direction, development, and operation of the company's Cyber Security, Cloud infrastructure & SRE, and IT practices. The CISO will lead the information security team, collaborate continuously with the company’s Privacy, Risk, and Compliance Team, and help business leaders—and our board—ensure that security resources and practices align to business needs, priorities, and requirements. This role requires a visionary leader who can drive innovation, optimize processes, and ensure the security and reliability of our systems.

What you will do:

  • Leadership and Strategy:
    • Develop and implement a comprehensive security and IT/ cloud infrastructure strategy that supports the company’s overall business objectives.
    • Lead, mentor, and manage a high-performing team of security SRE, and IT professionals.
    • Foster a culture of innovation, continuous improvement, and collaboration within the department.
    • Work with senior leadership to align security and IT initiatives with business goals.
  • Cyber Security :
    • Establish and maintain an enterprise-wide information security management program with clear information security policies and procedures.
    • In partnership with Chief Privacy and Compliance officer, update and guide senior leadership and the Board of Directors on current cyber threats, issues, and risks, and provide regular status updates on progress and status of initiatives and operations.
    • Oversee the information security organization with an emphasis on the effectiveness of security controls
    • Manage security incidents and events to include containment, communication and coordination across all relevant business functions
    • Establish and maintain disaster recovery and business continuity plans
  • Cloud infrastructure and SRE Management:
    • Oversee the development and implementation of DevSecOps practices to improve software delivery and operational efficiency.
    • Promote a culture of automation, continuous integration, and continuous deployment (CI/CD).
    • Ensure high reliability and uptime for the cloud applications
  • IT Infrastructure and Operations:
    • Oversee the management and maintenance of IT infrastructure, including networks, servers, databases, and cloud environments.
    • Ensure the security, scalability, and reliability of IT systems.
    • Implement and maintain disaster recovery and business continuity plans.
  • Budgeting and Resource Management:
    • Develop and manage the departmental budget, ensuring cost-effective use of resources.
    • Allocate resources to various projects and initiatives based on strategic priorities.
  • Stakeholder Engagement:
    • Collaborate with other departments to understand their IT needs and provide solutions that support their goals.
    • Communicate IT strategy, progress, and performance to executive leadership and stakeholders.

To be successful in this role, you'll need:

  • Bachelor’s degree in Computer Science, Information Technology, or a related field; Master’s degree preferred.
  • 15+ years of experience leading teams with at least 5 years in a Director and above role leading cyber security teams in a product development environment
  • Strong security architecture background with experience building and driving a cyber security strategy and framework
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, NIST , HITRUST and HIPAA compliance requirements
  • Experience with leading control assessments such as SOC 1/SOC 2 
  • Deep healthcare expertise and Security certifications such as CISSP are preferred
  • 5+ Experience building cloud infrastructure in AWS and automating infrastructure thru infrastructure as code practices 
  • Strong understanding of cloud technologies, cybersecurity, and IT best practices.
  • Experience with GCP will be nice to have
  • Excellent leadership, communication, and interpersonal skills.
  • Ability to think strategically and align IT initiatives with business goals.
  • Strong problem-solving and decision-making skills.
  • Experience in budget management and resource allocation.

Pay Transparency Statement 

This is a hybrid position based out of our San Francisco office, with the expectation of being in office at least two weekdays per week. #LI-hybrid

The actual pay rate offered within the range will depend on factors including geographic location, qualifications, experience, and internal equity. In addition to the salary, you will be eligible for stock options and benefits like health insurance, 401k, and paid time off. Learn more about our benefits at https://jobs.collectivehealth.com/benefits/.

San Francisco, CA Pay Range
$295,500$370,000 USD

Why Join Us?

  • Mission-driven culture that values innovation, collaboration, and a commitment to excellence in healthcare
  • Impactful projects that shape the future of our organization
  • Opportunities for professional development through internal mobility opportunities, mentorship programs, and courses tailored to your interests
  • Flexible work arrangements and a supportive work-life balance

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Collective Health is committed to providing support to candidates who require reasonable accommodation during the interview process. If you need assistance, please contact recruiting-accommodations@collectivehealth.com.

Privacy Notice

For more information about why we need your data and how we use it, please see our privacy policy: https://collectivehealth.com/privacy-policy/.

Apply for this Job

* Required
resume chosen  
(File types: pdf, doc, docx, txt, rtf)
cover_letter chosen  
(File types: pdf, doc, docx, txt, rtf)


Demographic Questions

Collective Health is an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Completion of this form is entirely voluntary. Should you choose to respond, any responses will be kept 100% confidential, They will not be used to make hiring decisions, and will only be used in aggregate to evaluate the equity of our hiring practices.

How would you describe your gender identity? (mark all that apply)




How would you describe your racial/ethnic background? (mark all that apply)










How would you describe your sexual orientation? (mark all that apply)







Do you identify as transgender? (Select one)



Do you have a disability or chronic condition (e.g. physical, visual, auditory, cognitive, mental, emotional) that substantially limits one or more of your major life activities, including mobility, communication (seeing, hearing, speaking), and learning? (Select one)



Are you a veteran or active member of the United States Armed Forces? (Select one)




Enter the verification code sent to to confirm you are not a robot, then submit your application.

This application was flagged as potential bot traffic. To resubmit your application, turn off any VPNs, clear the browser's cache and cookies, or try another browser. If you still can't submit it, contact our support team through the help center.