Director, Security & IT
A pioneer in the caregiving space, Careforth supports family caregivers across the United States to confidently care for their loved ones at home. Through a combination of in-person home visits, remote coaching and our proprietary digital collaboration app, we provide caregivers with support, guidance, confidence, and connection to resources they need. The Caregivers and families we support stay with Careforth for many years, building lasting relationships along the way. Join us today and live our values: lead with heart, cultivate trust, go beyond.
Position Summary
The Director of Security & IT will lead and mature Careforth's information security and IT infrastructure programs, ensuring the confidentiality and availability of our systems and data in a highly regulated healthcare environment. This senior leader will own our security posture end-to-end — from HIPAA and HITRUST compliance to cloud infrastructure and incident response — while partnering closely with Clinical, Product, Legal, and executive leadership. This role will oversee security strategy, IT operations and vendor risk management, serving as Careforth’s primary voice on security risk and IT resilience.
What You Will Do
• Own and continuously mature Careforth's information security program, ensuring policies and standards align with HIPAA, HITRUST, and applicable state privacy regulations.
• Serve as the primary point of accountability for security risk management, threat monitoring, vulnerability management, and incident response.
• Lead preparation for security audits and regulatory examinations, managing remediation of findings.
• Partner with Legal and Compliance to maintain a robust data governance and privacy framework, including Business Associate Agreements (BAAs) and breach notification procedures.
• Define and execute the IT roadmap, encompassing cloud infrastructure, end-user computing, enterprise applications, and systems reliability.
• Manage vendor risk assessments and third-party security reviews; maintain an up-to-date vendor risk register.
• Oversee IT operations including helpdesk, asset management, identity and access management (IAM), endpoint protection, and network security.
• Drive the adoption of cloud-first and zero-trust architecture principles across the organization (AWS preferred).
• Lead and mentor a high-performing team, fostering a culture of accountability and continuous improvement.
• Develop and present security metrics, KPIs, and risk dashboards to executive leadership and the Board as appropriate.
• Champion security awareness through training programs, phishing simulations, and a culture of shared responsibility.
• Manage IT vendor relationships, contracts, and technology spend to ensure cost-effective, resilient operations.
• Collaborate with the Software Engineering team to embed secure development practices.
• Maintain and regularly test business continuity and disaster recovery plans.
• Perform other duties as assigned.
What You Will Bring
• 10+ years of progressive experience in information security, including 3+ years in a people leadership role.
• Strong familiarity with operating IT and telecommunications systems.
• Deep expertise in HIPAA/HITRUST compliance and healthcare data privacy requirements; experience operating in a regulated healthcare or health tech environment is strongly preferred.
• Strong knowledge of security frameworks such as NIST CSF, ISO 27001, and SOC 2 Type II.
• Hands-on experience securing cloud-based environments and SaaS platforms (AWS preferred).
• Proven track record leading incident response, forensic investigations, and disaster recovery planning.
• Familiarity with secure software development practices and ability to partner effectively with engineering teams.
• Experience with IAM platforms, endpoint detection and response (EDR) tools, and SIEM/log management solutions.
• Exceptional communication skills; able to translate complex technical risk into clear business language for non-technical stakeholders, including executive leadership.
• Bachelor's degree in a related field or equivalent work experience; CISSP, CISM, CISA certification preferred.
You'll Benefit From
At Careforth your well-being matters. With flexible schedules, a remote-first culture, and a nationally recognized wellness program, our benefits are designed to help you thrive, both professionally and personally. Discover how we invest in you: https://careforth.com/careers/#benefits
The pay range for this position is $133,900 - $214,337. The actual wage offered may be lower or higher depending on budget and candidate experience, knowledge, skills, qualifications, and geographic location.
#LI-Remote (except for CA)
Join Our Award-Winning Team
Founded in Boston, Careforth's caregiver programs and services improve health outcomes, keeping care at home longer. Additionally, our programs provide financial benefit to caregivers and cost savings to state agencies and health plans. At Careforth, we understand the challenges of caregiving and are committed to supporting family caregivers at every turn.
Caregivers play a critical role in the future of healthcare—and so can you.
For more information, please visit www.Careforth.com.
Careforth is an Equal Opportunity Employer*
DISCLAIMER: Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job.
*Careforth supports families with diverse backgrounds and as an equal opportunity employer, we seek employees who reflect the diverse population we serve. Careforth complies with all applicable laws concerning hiring and employment practices and is firmly committed to fostering and maintaining a workplace free from discrimination. We pledge to hire, train, and promote our employees without regard to race, religion, gender, gender identity, genetic information, age, national origin, sexual orientation, disability, veteran status, or any other category protected by applicable law.
Careforth strives to create experiences that are accessible and welcoming to everyone, including making www.careforth.com and the careers site accessible to any and all users. If you would like to contact us regarding the company’s diversity, equity and inclusion initiatives, inquire about a specific accessibility need or the accessibility of our website, or if you need assistance completing an application process, please contact People & Culture at 866-797-2333.