Director, Security Operations & Infrastructure

Responsibilities

• Threat Response Leadership
• Own enterprise-wide security incident response -ensure the team can detect, triage, contain , eradicate, and recover from incidents across cloud, on-prem, SaaS, and endpoint environments with speed and precision.
• Maintain and continuously improve the incident response plan, playbooks, escalation procedures, and communication templates , ensuring they are tested, current, and aligned to NIST CSF 2.0.
• Serve as incident commander or executive sponsor for high-severity incidents; make real-time decisions on containment and remediation under pressure.
• Drive post-incident reviews that produce actionable findings, root-cause analysis, and measurable improvements-not just documentation.
• Coordinate threat response across US and India teams , ensuring consistent coverage, quality, and process regardless of geography.
• Partner with Legal & Privacy throughout the incident response lifecycle-ensuring timely notification assessments, evidence preservation, regulatory reporting obligations, and litigation hold requirements are met in coordination with response activities.
• Think ahead of the curve -continuously assess the threat landscape, identify emerging risks and attack vectors likely to impact Phreesia before they materialize, and develop contingency plans, tabletop exercises, and pre-positioned response strategies so the organization is prepared, not surprised.
• Security Infrastructure Leadership
• Own the security and IT tooling portfolio across the company: endpoint management (MDM, EDR), identity infrastructure, SIEM/SOAR, network security, vulnerability scanning, email security, cloud security posture man

Benefits

Additional Information

Job Description: Position Summary Phreesia is looking for a Director, Security Operations & Infrastructure to serve as a senior member of the CISO's leadership team and own the operational backbone of our security program. This role provides leadership, oversight, and hands-on guidance for two critical sub-teams: Threat Response and Security Infrastructure . The Threat Response team is responsible for enterprise-wide security incident detection, triage, containment, response , and forensics . The Security Infrastructure team owns all security and IT tooling across the company-endpoint management, identity infrastructure, SIEM/SOAR, network security appliances, cloud security tooling, and the platforms that keep every employee and system running in a dynamic, multi-cloud (AWS, Azure, GCP) and multi-OS (Windows, macOS, Linux) environment. This role is ideal for a deeply technical security leader who has personally responded to and led security incidents, and who can also build and manage a team of senior engineers and architects capable of running a broad tool portfolio consistently and to high customer satisfaction . The successful candidate has a technical background but is ruthlessly diligent about process, standards, execution, and being right -someone who treats operational excellence as a discipline, not an afterthought. A key objective of this role is to drive standardization, reliability, and security maturity across infrastructure and incident operations while enabling Phreesia's continued growth. The Director will function as a key contributor to our target-state enterprise and security architecture , ensuring that security tooling and incident response capabilities are considered early in the design of new products, platforms, and integrations. This position will be responsible for collaborating with the GRC, IAM, Security Architecture, Product & Engineering, and Phreesia leadership teams on emerging challenges and operational priorities. The Director will stay current on evolving threats, technologies, and operational best practices and will ensure our security operations program anticipates rather than reacts to changes. Candidates must be comfortable leading through both direct management and influence in a highly matrixed environment . You will directly manage threat response and infrastructure managers, while also driving outcomes through collaboration with engineering, product, and infrastructure teams across the company. This individual has hands-on experience building, running, and improving security operations and infrastructure programs in regulated data environments such as healthcare and payments, and is comfortable working across multiple compliance frameworks (PCI DSS, HITRUST, SOC 2, SOX ITGC, HIPAA/NIST) simultaneously. The ideal candidate demonstrates strong analytical, interpersonal communication skills, and operational management capabilities : able to triage complex incidents under pressure, design practical tooling strategies, oversee implementation and hardening, and present clear status and risk updates to senior executives. They should be equally comfortable leading a live incident bridge, reviewing a firewall change request, and walking a customer's security team through Phreesia's control environment. Job Responsibilities

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at phreesia? Share your experience