MacroHealth

Director, IT & Security

MacroHealth, Washington, District of Columbia, US, 20022


Position Summary: We are seeking a pragmatic, strategic, and execution-focused Director of Information Technology & Security to lead the evolution of MacroHealth's internal IT ecosystem. This role will define and drive the IT strategy, mature business systems and services, ensure enterprise-level security and compliance, and elevate the technology experience for our distributed workforce. The right candidate brings a growth-stage mindset, hands-on technical expertise, and a strong service orientation to support employees, accelerate business outcomes, and scale operations in compliance with healthcare industry standards such as HIPAA and HITRUST. This leader will also oversee help desk operations and internal IT support, driving reliability, responsiveness, and process discipline across the organization.

Key Relationships:

Internal: Collaborates closely with executive leadership and functional teams across Engineering, Security, Product, HR, Finance, and Legal to support employees (primarily in the U.S. and Canada) and global outsourced team members.

External: Manages relationships with SaaS vendors, MSPs, compliance consultants, and IT service providers to ensure scalable, secure, and cost-effective technology operations.

Key Accountabilities:

IT Strategy & Leadership: Develop and execute scalable IT strategies aligned with MacroHealth's rapid growth and evolving business goals. Create and maintain headcount forecasts for the IT and Security organization which reflect industry best practice and business needs. Lead IT planning, budgeting, and performance measurement across internal systems and infrastructure. Establish standards for technology infrastructure, cloud governance and administration (Azure, AWS, and GCP), asset management, and identity management. Establish and maintain roadmaps for all areas under the IT and Security purview, including IT Operations, Information Security Operations, Technology Risk and Compliance, Infrastructure Engineering and Operations, Enterprise Systems, and IT Architecture. Ability and desire to be hands-on with technologies while scaling the team.

IT Systems & Operations: Ensure reliable, responsive help desk and end-user support across time zones. Define and implement SLAs. Measure employee satisfaction as it pertains to IT Operations. Own the enterprise technology roadmap, budget, and resource management. Ensure secure, scalable support for internal tools and processes, including Identity Lifecycle and Access Control (Entra ID), Monitoring (PRTG), Technology Onboarding and Offboarding, Collaboration Platform Administration (M365 Suite, Google Enterprise, Atlassian, Smartsheet), Asset Management and Endpoint Management (Intune, Autopilot), and ITSM Platform and Administration (Jira). Drive automation and process improvement across departments via internal technology solutions. Own the creation and maintenance of documentation of IT processes, workflows, and systems to support audit readiness, scalability, and operational consistency. Establish a culture of defined and repeatable processes, with a focus on automation and "shift-left" strategies where automation isn't currently viable.

Security & Compliance: Lead IT security operations, including access management, endpoint protection, and vulnerability mitigation. Collaborate with Security and Legal teams to ensure compliance with healthcare-related and security frameworks such as HIPAA, HITRUST, NIST CSF, ISO 27001, and SOC 2. Experience establishing Governance, Risk and Compliance teams and frameworks. Experience in regulated environments with external audit requirements. Experience evaluating, implementing, and maintaining key security technologies such as IDP and SSO (Entra ID, Ping Identity, Okta), Endpoint Protection & Response (MS Defender, Rapid7 Insight XDR, SentinelOne, CrowdStrike Falcon, DeepInstinct), DSPM (MS Purview, Varonis, BigID, Concentric), Vulnerability Scanning (Tenable, InsightVM), and SIEM (Splunk, Huntress, SumoLogic). Experience implementing Data Governance policies and processes, including classification, labeling, retention and/or redaction policies. Own internal IT risk assessments, policy creation and enforcement, support for audit activities, and disaster recovery and business continuity planning. Previous experience leading internal and external adversarial exercises, including tabletop exercises and penetration testing.

Vendor & Technology Management: Lead vendor selection, performance management, and SaaS contract negotiations. Optimize licensing, cost controls, and technology asset management across the org. Establish scalable governance for systems usage, provisioning, and lifecycle management.

Team Leadership & Support: Build and lead a lean, high-performing IT function, including internal staff and outsourced partners. Proven ability to build and implement scalable, repeatable processes within a lean and growing organization. Create a service-driven culture focused on reliability, responsiveness, and security. Support the needs of a hybrid workforce across multiple time zones and geographies.

Required Education and Experience: Bachelor's degree or equivalent experience in Information Technology, Computer Science, Engineering, or related discipline. 10+ years of progressive IT experience, including 3+ years in a leadership or Director-level role. Experience or exposure working with or implementing AI-based productivity tools like MS Copilot for M365, Cloud, OpenAI and agent-based tools such as Zapier or n8n. Experience scaling IT operations in a growth-stage product company. Excellent collaboration and communication skills at all levels of an organization. Preference for working in hybrid/remote-first environments with globally distributed teams. Prior involvement in IT M&A readiness, enterprise tooling consolidation, and security framework maturity.

Travel: Travel as required to support the business. Less than 25%.

Location: Remote anywhere within the US (must be located in the US).

Core Values:

One Team: Act as one team with fellow MacroMates and customers. Value humility, low ego, and collaboration. Maintain an All for One, One for All attitude.

Deliver on Promises: Do the right thing. Do what you say you will do. Work with a sense of urgency and transparency.

Macro Thinking: Challenge yourself and others to think boldly, bigger, and into the future. Lead with a Growth Mindset. Act as a thought leader for the healthcare industry.

MacroHealth is an equal opportunity employer.