Director, Information Security (Remote)

Mountain View, California, United States; Austin, Texas, United States; Remote, United States;

HeartFlow, Inc.

Bringing together human ingenuity and advanced AI technology to help combat the #1 cause of death.

View company page

HeartFlow, Inc. is a medical technology company transforming the diagnosis and management of coronary artery disease, the #1 cause of death worldwide, using cutting-edge technology. The flagship product—an AI-based, non-invasive cardiac test called the HeartFlow Analysis—provides a color-coded, 3D model of a patient’s coronary arteries indicating the impact blockages have on blood flow to the heart. It offers physicians a completely novel way to diagnose and treat cardiac patients. Our pipeline of products is growing and so is our team; join us in helping to revolutionize precision heartcare.
HeartFlow is a VC-backed, pre-IPO company that has received international recognition for exceptional strides in healthcare innovation, is supported by medical societies around the world, cleared for use in the US, UK, Europe, Japan and Canada, and has been used for more than 100,000 patients worldwide. 

HeartFlow is a VC-backed, pre-IPO, Software as a Service (SaaS) company that has received international recognition for exceptional strides in healthcare innovation. We combine clinical expertise with cutting-edge technology (deep learning, computational fluid dynamics, cloud-based computing) to revolutionize the diagnosis and treatment of coronary artery disease.

If you are passionate about leading information security professionals looking to protect our applications as we change the standard of care for coronary artery disease, come join our engineering team! 

You will lead the team driving cyber security operations, continuous monitoring, security information and event management, security architecture, security engineering, vulnerability scanning, endpoint security, security analytics, network access control, penetration testing, data forensics, security data ingestion, and analysis, incident analysis, threat monitoring/hunt and security situational awareness.

As both a technical and people leader, you will be a key player to scale our organization and our technology. #LI-IB1; #LI-Remote

Job Responsibilities:

  • Lead all security matters including governance, risk management, compliance, cyber security, application security, identity and access management, and security operations management
  • Serve as subject matter expert including applicable standards, rules, regulations, and best practices
  • Enable a DevSecOps Mindset
  • Incorporate a data-centric, analytic, and fact-driven approach
  • Analysis of current & future threat landscapes
  • Direct dedicated security resources to operate against the security program plan
  • Direct the execution of security risk assessments and conduct related ongoing compliance monitoring activities
  • Direct the execution of risk mitigation plans generated as a result of risk management analysis
  • Ensure all information technology systems, policies, and procedures fully comply with applicable laws, standards, and regulations
  • Oversee Information Security Budget
  • Monitor and evaluate security measures to protect against reasonably anticipated threats or hazards to the confidentiality, integrity, and availability of all applicable data
  • Ensure the effective execution of security and compliance training for account employees, including the alignment of regulatory and account specific changes
  • Engage with business leaders and corporate functions such as legal, HR, Product Development and IT to support securing our business data and products
  • Engage with external auditors and other third parties in support of security activities
  • Hands-on technical contributions as appropriate

Skills Needed:

  • Exceptional verbal and written communication skills, specifically the ability to communicate within the context of the intended audience, whether that be senior executives or highly technical engineering resources.
  • Progressive experience in information security management, information management, information systems, and/or risk management
  • Familiarity and knowledge with relevant legal and regulatory requirements, such as SOX and HIPAA.
  • In-depth knowledge of information risk concepts/related business needs to security controls
  • Experience with Firewalls, NIDS, SIEM, End Point Security, Mobility Management, and Vulnerability Scanning
  • Strong experience in securing AWS Cloud Infrastructure with infrastructure as code (Terraform or CDK)
  • Strong experience and detailed technical knowledge in security engineering, application security, system, and network security, authentication, security protocols, and other security technologies

Educational Requirements & Work Experience: 

  • Bachelor's Degree in Computer Science, Information Security, or a related field
  • Minimum of 5 – 8 years of experience in Information Security
  • 1-3 years of management experience 

The pay range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to experience and training; skill sets; licensure and certifications; and other business and organizational needs. A reasonable estimate of the base salary compensation range is $185,185 to $282,407 (for San Francisco Bay Area) and $162,963 to $248,519 (for locations outside of San Francisco Bay Area). 

We also offer a range of benefits and programs to meet employee needs based on eligibility. These benefits include comprehensive health care coverage, a health savings account, disability, and life insurance, a Critical Illness and accident plan, a flex spending account (medical and dependent care), a 401k plan with a company match, mental health support TaskHuman, EAP, financial coaching, Rocket Lawyer, and more. HeartFlow offers 12 paid holidays, 15 vacation days, and 80 hours of sick leave.

About HeartFlow, Inc.
HeartFlow, Inc. is a medical technology company redefining the way heart disease is diagnosed and treated. Our non-invasive HeartFlow FFRct Analysis leverages deep learning to create a personalized 3D model of the heart. By using this model, clinicians can better evaluate the impact a blockage has on blood flow and determine the best treatment for patients. Our technology is reflective of our Silicon Valley roots and incorporates decades of scientific evidence with the latest advances in artificial intelligence. The HeartFLow FFRct Analysis is commercially available in the United State, Canada, Europe and Japan. For more information, visit
HeartFlow, Inc. is an Equal Opportunity Employer. We are committed to a work environment that supports, inspires, and respects all individuals and do not discriminate against any employee or applicant because of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law. This policy applies to every aspect of employment at HeartFlow, including recruitment, hiring, training, relocation, promotion, and termination.
Positions posted for HeartFlow are not intended for or open to third party recruiters / agencies. Submission of any unsolicited resumes for these positions will be considered to be free referrals.
US Locations Only: All employees and contingent workers (contractor, consultant, interns or temporary personnel) are required to be vaccinated against SARS-CoV-2 as recommended by CDC, unless a reasonable accommodation is approved. All prospective hires will be expected to provide proof of vaccination on their first day of employment.
Apply now Apply later
  • Share this job via
  • or

Tags: Analytics Application security Artificial Intelligence AWS Cloud Compliance Computer Science DevSecOps Endpoint security Firewalls Forensics Governance HIPAA IAM Monitoring Network security Pentesting Risk assessment Risk management SaaS Security Assessment Report SIEM Terraform

Perks/benefits: 401(k) matching Career development Flex vacation Health care Insurance Medical leave Relocation support

Regions: Remote/Anywhere North America
Country: United States
Job stats:  41  11  0
Category: Leadership Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.