Senior Director, Head of Information Security

at Flatiron Health

Hybrid
Information Technology
Management
Computer & Network Security
Finance

Employment type:

Flextime
Full-time
Shift work

Skills:

CI / CD
Kubernetes
monthsOfExperience: 120
GitLab
Logical shift
Published on:
Application deadline:

What You'll Do

  • Define and lead Flatiron's enterprise-wide information security strategy, ensuring alignment with business goals, regulatory requirements, and risk appetite.
  • Develop a strategy that is global in scope, balancing enterprise-wide consistency and local complexity.
  • Oversee product and cloud security engineering, GRC (governance, risk management, compliance), and incident detection and response functions.
  • Implement scalable "shift-left" security processes and tooling to integrate security early in the product and infrastructure development lifecycle.
  • Develop frameworks to translate technical security risks into business impact, enabling informed prioritization and decision-making.
  • Launch and maintain security risk and performance metrics dashboards to track areas of risk and progress over time.
  • Collaborate with product and platform leaders to ensure security initiatives are aligned with business priorities and delivery timelines.
  • Guide the secure development and delivery of Flatiron's data products and services, including oversight of AI governance frameworks.
  • Ensure security practices support the safe, compliant, and scalable use of confidential data (including PHI/PII).
  • Lead security efforts across both modern cloud-native stacks (e.g., Kubernetes, Snowflake, GitLab CI/CD) and legacy monolithic/on-premises systems, driving secure modernization.
  • Foster a strong security culture through education, tooling, cross-functional collaboration, and the development of a high-performing, customer-oriented security team.

Who You Are

  • You have experience building and mentoring high-performing, cross-functional security teams.
  • Proven track record of leading security at a product-focused, data-driven technology company, ideally in healthcare, life sciences, or another regulated industry.
  • Experience securing data products and services.
  • Demonstrated success in integrating security into agile development processes and influencing product and engineering roadmaps.
  • Deep understanding of programmatic security, including automation, infrastructure-as-code, and secure CI/CD practices.
  • Hands-on experience with both modern cloud-native architectures and legacy technology stacks, with a pragmatic approach to modernization and risk management.
  • You have excellent communication and stakeholder management skills, with the ability to translate risk into business terms and influence prioritization decisions.
  • You have a Bachelor's or an advanced technical degree in such fields as security or engineering.
  • You have strong knowledge of regulatory frameworks such as HIPAA, GDPR, and other data privacy laws.
  • You have supported an international business and applied global security standards.

Where You'll Work

Life at Flatiron

  • Work/life autonomy via flexible work hours and flexible paid time off
  • Comprehensive compensation package
  • 401(k) contribution to help you reach your retirement planning goals
  • Financial health resources including 1:1 financial advice
  • Mental well-being tools and services
  • Parental benefits and policies including family-building care and generous leave
  • Path to parenthood programs supporting fertility, adoption and surrogacy
  • Travel support for safe healthcare services

Salary Range

  • Minimum Salary: 236000 EUR
  • Maximum Salary: Not specified
  • Remote Model: Hybrid
  • Benefits:
    • Paid Holidays
    • Pension Plan

Preferred Primary Location

An Important Note On Compensation