Jobs · Information Technology · Texas

Head of InfoSec and IT Operations

Autonomize AI · Austin, TX · 2 wk ago
On-siteInformation TechnologyFull-time

Role Overview

Location: Austin, TX | 12+ years’ experience | Full time | Reports to Chief Technology Officer
Autonomize AI is hiring a Head of InfoSec and IT Operations, responsible for establishing, operating, and continuously strengthening the company’s information security, cybersecurity, privacy, and AI governance programs.

Key Responsibilities

  • Security Strategy and Governance
    • Develop and execute a comprehensive enterprise information security strategy aligned with business growth and regulatory obligations.
    • Establish and maintain security governance structures, policies, standards, and controls.
    • Report regularly to executive leadership on cybersecurity posture, risk, and maturity.
    • Conduct risk assessments.
  • Healthcare Regulatory and Compliance Alignment
    • Ensure compliance with HIPAA Privacy and Security Rule, HITECH, and applicable state privacy and security laws.
    • Oversee SOC 2 Type II, HITRUST, ISO 27001, and other certification efforts as appropriate.
    • Maintain audit readiness for client security assessments and regulatory inquiries.
    • Support Business Associate Agreement (BAA) obligations and downstream vendor oversight.
    • Partner with internal stakeholders to align security guardrails with healthcare regulatory workflows (e.g., prior authorization, appeals, interoperability requirements).
  • Cloud and Infrastructure Security
    • Oversee cloud security architecture (e.g., Azure, AWS,) including, encryption, key management, data segmentation, and secure configuration.
    • Ensure implementation of least privilege and strong access controls.
    • Oversee vulnerability management, endpoint security, logging, and monitoring capabilities.
    • Maintain incident response plans and conduct regular tabletop exercises.
  • Secure Software Development and AI Security
    • Embed security into the Secure Software Development Lifecycle (Secure SDLC).
    • Oversee application security testing (SAST, DAST, penetration testing).
    • Establish controls for model governance, data lineage, training data protections, and AI risk management.
    • Ensure safeguards around PHI handling in AI workflows, model training, testing, and prompt experimentation.
    • Partner with Product and Engineering to ensure privacy-by-design and security-by-design principles.
  • Data Protection and Privacy
    • Oversee data classification, retention, minimization, and secure disposal policies.
    • Ensure encryption at rest and in transit for sensitive data.
    • Establish controls for de-identification, re-identification risk mitigation, and controlled data access.
    • Support privacy impact assessments for new products and features.
  • Sub-Vendor Risk Management
    • Establish and oversee vendor security due diligence processes.
    • Ensure subcontractors meet contractual and regulatory security obligations.
    • Monitor ongoing vendor risk and compliance.
  • Incident Response and Business Continuity
    • Lead cybersecurity incident response efforts; coordinate cross-functional response teams.
    • Ensure regulatory breach notification readiness and procedures.
    • Oversee disaster recovery and business continuity planning.
  • Security Culture and Awareness
    • Build a culture of privacy and security awareness across the company.
    • Develop employee training programs specific to PHI handling and AI-enabled workflows.
    • Serve as a visible leader in customer security discussions and sales cycles.

Qualifications

  • Experience
    • 12+ years of progressive information security leadership experience.
    • Demonstrated experience as a security leader within a healthcare technology company, health plan, provider organization, or regulated SaaS environment.
    • Deep knowledge of HIPAA Privacy and Security Rules and healthcare regulatory environments.
    • Experience leading SOC 2 Type II and/or HITRUST certification processes.
    • Expertise in cloud security architecture and modern DevSecOps practices.
    • Experience managing security for AI/ML-enabled platforms preferred.
    • Proven ability to interface with customers and support security questionnaires and audits.
    • Strong executive presence and ability to communicate complex security risks to non-technical stakeholders.
  • Skills
    • Strategic risk leadership
    • Regulatory fluency in healthcare
    • Technical depth in cloud and application security
    • Executive communication and reporting
    • Ability to balance innovation velocity with risk mitigation
    • Scalable program design in growth-stage environments

What We Offer

  • High-impact opportunity to shape the future of healthcare AI.
  • Autonomy, ownership, and the ability to chart your own growth path.
  • Competitive base salary + commission + accelerators.
  • 100% employer-paid health, dental, and vision insurance.
  • Retail plans (401k), disability insurance, and employee assistance programs.
  • Work with a bold, fast-moving team solving meaningful problems.

How to Apply

Send your resume and a brief note to careers@autonomize.ai explaining why you’re the right partner to expand our most strategic national accounts.

Similar jobs

IT SPECIALIST (INFOSEC)

Naval Air Warfare Center Training Systems Division (NAWCTSD)Patuxent River, MD· 1 wk ago
Information Technologyapply on navair.yellogov.com

IT SPECIALIST (INFOSEC)

Naval Air Warfare Center Training Systems Division (NAWCTSD)China Lake, CA· 1 mo ago
Information Technologyapply on navair.yellogov.com

IT Specialist (INFOSEC)

Naval Air Warfare Center Training Systems Division (NAWCTSD)China Lake, CA· 9 mo ago
Information Technology$71k/yrapply on navair.yellogov.com