Sr. Director, Information Security & Cloud Operations

Benefits

Additional Information

Who Are We? Prolaio believes that continuous learning and collaboration can make a significant difference in how heart care is administered. We are creating smarter ways to address heart disease and heart risks by uniting patients, care teams, and researchers on a secure, technology-enabled platform that drives clinical innovation and offers a path towards better patient outcomes. This is precision cardiology, and we know it's within reach. What Will You Do? The Overview The Sr. Director, Information security & Cloud Operations will be the senior leader shaping how Prolaio secures its AI‑driven, cloud‑first healthcare platform, owning the information security and cloud infrastructure strategy that underpins every product, trial, and patient interaction. This role designs and operates a continuous security and continuous compliance model that keeps Prolaio ahead of HITRUST, ISO 27001, ISO 42001, HIPAA, and FDA expectations, while still enabling the speed and flexibility required to innovate in AI‑powered products and decentralized clinical solutions. This is a role for an innovative security and cloud leader who prefers modern DevSecOps, security as code, and AI native approaches over purely policy driven models, using smart guardrails to manage risk, earn regulator and customer trust, and fuel Prolaio's growth. The Specifics Define and execute Prolaio's enterprise information security strategy, aligned with Prolaio's business goals, clinical programs, and AI product roadmap. Establish and maintain security policies, standards, and procedures covering access control, data governance, cryptography, incident response, and IT/clinical risk management with a focus on continuous improvement Lead the design and implementation of a continuous security and continuous compliance framework (e.g., security-as-code, compliance-as-code, automated controls testing) to support HITRUST, ISO 27001, ISO 42001, HIPAA, FDA, 21 CFR Part 11, GxP/CSV/CSA, and data privacy requirements. Architect and operationalize pipelines for continuous monitoring of security controls, configuration drift, vulnerabilities, and compliance posture across cloud, on-prem, and edge environments. Own the enterprise cybersecurity program, including threat modeling, vulnerability management, identity and access management, data protection, endpoint security, and incident response. Collaborate with AI and product engineering teams to defend against AI-specific threats such as model extraction, prompt injection, model poisoning, data leakage, and abuse of AI-generated content. Lead the architecture, deployment, and operation of Prolaio's cloud infrastructure (e.g., GCP) to ensure high availability, scalability, and cost efficiency for clinical, operational, and AI workloads. Partner with the CDAO and AI engineering teams to define and enforce policies for training data governance, model lifecycle management, AI model validation, and ethical/secure use of AI. Define and monitor vendor SLAs, DPAs, and shared responsibility models, ensuring vendors support Prolaio's certification goals and regulatory obligations. Foster a culture of innovation, experimentation, and learning within the security and cloud organization, balancing risk management with enabling rapid product delivery and AI-driven capabilities. Maintain clear ownership boundaries and collaboration models with the CIO (enterprise IT), CDAO (data & analytics), CPO/Engineering (product software), and Operations (Clinical and Supply Chain) to ensure coherent architecture and governance. Why Prolaio? Impactful Work: You will join in the fight against heart failure (HF) and hypertrophic cardiomyopathy (HCM) with the goal of extending and saving the lives of our patients while also being at the forefront of changing the healthcare industry through technology. Innovative Environment : You will be part of an organization doing something that's never been done before. Professional Growth : You will join a growing team and have a substantial impact on our daily and future operations with the opportunity to continuously learn and grow. Collaborative Team : You will be part of a team of collaborative, curious, and committed individuals focused on the collective good, inclusiveness, scientific excellence, and advancing digital health for cardiology. Who You Are? Bachelor's degree in computer science, Engineering, Information Security, Information Systems, or related field. At least 15 years of experience in healthcare, biotech, medtech, or other regulated healthcare environments, with direct responsibility for information security in complex, multi-stakeholder settings. At least 5 years of experience serving as a Sr. Director of Information Security and Cloud Operations, or equivalent senior leadership role accountable for enterprise security and cloud operations in regulated environments in healthcare. Demonstrated experience designing and operating information security programs th

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at prolaio? Share your experience