Director, Information Security
Bicycle Health
IT
Remote
USD 175k-200k / year + Equity
The Opioid Epidemic is a public health crisis with a highly effective but underutilized clinical intervention - millions of Americans are physically dependent on Opioids but only 10% of those likely to have OUD actually access treatment. Bicycle Health addresses this gap by maximizing accessibility, affordability, and overall quality of care by enabling highly qualified clinicians to reach patients broadly and efficiently through our online platform.
As the Director, Information Security, you will be the architect of our enterprise security posture during a pivotal stage of our growth. With tens of millions of dollars in revenue and at a growth stage, we are transitioning from "startup security" to an enterprise-grade program. Ultimately the goal of this role is make our Information Security, Trust & Compliance practices a competitive differentiator for Bicycle Health
Your primary mission is to build the team, processes, and technical controls required to protect our highly sensitive patient data while navigating the intersection of HIPAA and 42 CFR Part 2. You will own the 12–24 month roadmap to achieve HITRUST Certification, ensuring that our security practices are not only effective but are measurable, auditable, and scalable. This is a role for a builder who understands that true security in healthcare requires a balance of rigorous engineering (AppSec/SecOps) and disciplined governance.
Location: Remote
Schedule: Full time (40 hrs) - Monday-Friday, normal business hours
Target Pay Range: $175,000-$200,000 + equity - Compensation to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, and alignment with market data.
Benefits:
- Discretionary PTO + 8.5 days of additional sick time + 10 paid holidays
- Paid parental leave
- 100% Employer Paid Employee Medical, Dental, and Vision Insurance
- Employer Paid STD & LTD
- 401k
- $50 monthly Remote Work Stipend
What we are looking for:
- Proven Audit Success: 10+ years in Information Security, with direct experience leading at least one organization through a successful HITRUST CSF or SOC2 Type II (healthcare focus) certification.
- Healthcare Regulatory Expertise: Expert-level knowledge of HIPAA and a working understanding of 42 CFR Part 2. Experience managing the privacy nuances of controlled substance prescribing is a significant plus.
- Startup-to-Enterprise Growth: Experience in a Series C+ environment, with the ability to build programs from the ground up while maintaining operational stability.
- Technical Breadth: A strong background in both AppSec (securing SaaS products) and SecOps (defending cloud infrastructure). You should be comfortable speaking "code" with engineers and "risk" with the Board.
- Leadership Persona: Exceptional communication skills with the ability to influence remote teams and drive cross-departmental initiatives.
Certifications: CISSP, CISM, or CCSFP (Certified CSF Practitioner) are highly desirable.
This is a full-time (40hrs per week) remote position.
#LIRemote #zr #director
Recruitment Scam Notice
We are aware of fraudulent recruiting messages circulating that claim to represent our company. Please note:
-
All official communication from our recruiting team will come from an @bicyclehealth.com email address.
-
We will never ask you to pay fees, purchase equipment, or provide financial information as part of our hiring process.
-
We will never request your Social Security number or banking information before an offer of employment is made.
-
We only conduct interviews through legitimate, scheduled channels and will never make job offers via text message or chat apps.
If you believe you have been contacted by someone misrepresenting our company, please report it to careers@bicyclehealth.com.
About Bicycle Health:
Bicycle Health is a telemedicine group that specializes in the evidence-based treatment of individuals with Opioid Use Disorder using buprenorphine. We’ve grown our clinical staff of medical providers caring for patients, across 32 states, and we employ a large ancillary staff for support with technologic and administrative needs, clinical and behavioral support, and care coordination. Our innovative model has achieved clinical outcomes that exceed expectations for standard-of-care in-person treatment nationally. Our mission is to increase access to high quality, affordable, convenient and confidential Opioid Use Disorder treatment for all.
Bicycle Health is an Equal Opportunity Employer and considers applicants for employment without regard to race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or any other basis forbidden under federal, state, or local law.