Jobs · himalayas

T

Virtual Chief Information Security Officer (vCISO)

Northwind Robotics · United States · Posted 14d ago

remoteContractEstimated 131k-280k USD🇺🇸 United States
Apply on himalayas

About the role

Oversee and strengthen information security and compliance for a remote healthcare organization.

Location: Remote (United States) Type: Fractional / Contract Compensation: Competitive, based on experience and scope About Northwind Robotics Northwind Robotics is a digital health platform transforming family wellness by addressing critical gaps in mental, behavioral, and nutritional health. We partner with providers, employers and ultimately families to provide accessible, evidence-based mental health resources that improve patient outcomes, increase provider capacity, and boost clinic financials. With growing demand for tailored, mental health resources amidst a shortage of providers (with wait times exceeding 4-6 weeks), Northwind Robotics is uniquely positioned to solve a critical gap in care for families and clinics. As we grow our collaborative care offering we are adding to our team. The Opportunity Northwind Robotics is seeking a Virtual Chief Information Security Officer (vCISO) to oversee and continuously strengthen our information security, IT operations, and compliance posture. As a fully remote healthcare organization, we rely on secure, scalable technology systems to support our employees, patients, and provider partners. This role combines strategic information security leadership with hands-on operational oversight. The ideal candidate will serve as Northwind Robotics 's trusted security advisor, ensuring our systems remain secure, compliant, and audit-ready while providing responsive support to our growing remote workforce. Responsibilities Information Security & Compliance Own the strategy, design, implementation, and continuous improvement of Northwind Robotics 's information security and compliance program. Ensure ongoing compliance with HIPAA and healthcare security best practices. Lead readiness efforts for future SOC 2 certification and other security frameworks as needed. Develop, maintain, and document security policies, procedures, and controls. Coordinate security incident response, investigation, remediation, and post-incident reviews. Support customer security questionnaires, audits, and compliance requests. Partner with leadership to identify, assess, and mitigateinformation security risks. IT Operational Oversight Manage and oversee an IT MSP or MSSP who can: Implement security controls and compliance within SaaS vendors and IT systems Provide tiered end-user support for hardware, software, and SaaS application issues Provide device and asset management Manage identity and access, including systems for onboarding and offboarding Maintain system documentation, operating procedures, and technology standards. Recommend and implement improvements to strengthen security, scalability, and user experience. Vendor Risk Management Conduct security reviews of third-party vendors and software platforms. Maintain required security documentation, including BAAs, DPAs, SOC reports, and related compliance artifacts. Monitor vendor compliance and support periodic risk assessments. Qualifications 7+ years of experience in information security, IT administration, compliance, or related roles. Experience serving as a vCISO, security leader, or senior security consultant. Strong knowledge of HIPAA Security Rule requirements and healthcare security best practices. Experience preparing organizations for SOC 2 audits and other compliance frameworks. Experience supporting early-stage startups or high-growth healthcare organizations. Hands-on experience administering Google Workspace, identity management platforms, endpoint management tools, and SaaS environments. Familiarity with remote workforce security and cloud-first technology environments. Excellent documentation, communication, and stakeholder management skills. Ability to operate independently while serving as a strategic advisor to company leadership. Preferred Qualifications Experience working with and configuring cloud-native SaaS stacks for regulatory compliance, such as Vanta, 1Password, Google Workspace, Rippling, and other cloud-based healthcare technology platforms. Success in This Role The successful vCISO will ensure that: Northwind Robotics maintains a strong security and compliance posture. Security controls are documented, monitored, and continuously improved. Systems remain reliable and well-supported for a fully remote workforce. Customer security reviews and audits are completed efficiently and confidently. Northwind Robotics remains audit-ready and positioned for future compliance milestones, including SOC 2 readiness. IT issues, including onboarding and offboarding, are handled securely and consistently. Originally posted on Himalayas

Read the full posting on himalayas

FAQ

Is the Virtual Chief Information Security Officer (vCISO) role at Northwind Robotics remote?+

This Virtual Chief Information Security Officer (vCISO) position is listed as remote (United States).

What is the salary for the Virtual Chief Information Security Officer (vCISO) role at Northwind Robotics?+

The listing states Estimated 131k-280k USD.

What seniority level is this Virtual Chief Information Security Officer (vCISO) role?+

This is a unknown level position.

How do I apply for the Virtual Chief Information Security Officer (vCISO) role at Northwind Robotics?+

Use the "Apply on himalayas" button to open the original posting on himalayas, where you can submit your application directly to Northwind Robotics.