Chief Information Security Officer (CISO)
Remote
Employment Type: Full-Time | Executive Leadership
About Nsight Health
Nsight Health is transforming how care is delivered through Remote Patient Monitoring (RPM), Chronic Care Management (CCM), and Behavioral Health Integration (BHI). We empower healthcare providers to manage chronic conditions using real-time data, AI-enabled technology, and 24/7 clinical support. Our HIPAA-compliant platform connects patients and care teams nationwide—improving outcomes, adherence, and peace of mind. Join a fast-growing, mission-driven team that blends healthcare and technology to make a measurable difference in people’s lives.
Nsight Health — Where Technology Meets Compassion.
Position Summary
We are seeking a visionary yet pragmatic Chief Information Security Officer (CISO) to build and own Nsight Health’s security and compliance function from the ground up. As we scale our AI-powered healthcare platform, we require a leader who views security not as a blocker, but as a competitive differentiator and a prerequisite for enterprise growth.
Reporting directly to the COO, you will inherit an existing compliance team and a mandate to elevate our security posture. This is a "builder-operator" role: you will establish frameworks (CIS, SOC 2), mature existing HIPAA processes, and serve as a credible, forward-leaning partner to our AI-focused product and engineering teams.
AI Fluency Requirement — Non-Negotiable
Nsight Health is an AI-first organization. Every member of our leadership and operations team is expected to actively use AI tools in their day-to-day work — not as a novelty, but as a core productivity multiplier. This role requires genuine curiosity about AI, comfort experimenting with tools like Claude, ChatGPT, and workflow automation platforms, and the judgment to know when AI helps and when it doesn't. If AI makes you uncomfortable, this is not the right role.
Key Responsibilities
- Security Program Ownership: Build and continuously improve Nsight’s security policies and standards; establish a risk-based framework grounded in CIS Controls and maintain our security architecture across cloud and SaaS platforms.
- Regulatory & Compliance Leadership: Own the end-to-end HIPAA/HITECH program; lead SOC 2 Type II certification efforts, embedding controls into daily workflows so compliance is continuous rather than an annual event.
- AI Security & Innovation: Actively assess the security implications of our AI-forward stack (LLMs, agentic workflows, and automation); develop guardrails that balance rapid innovation with responsible risk management.
- Vendor & Incident Management: Design and lead a robust vendor risk management program and own the enterprise incident response plan, including tabletop exercises and real-time incident management.
- Team Leadership: Directly lead and mature the existing compliance function; partner with the VP of IT on internal systems security and foster a security-first culture that enhances, rather than hinders, productivity.
The Impact You’ll Make
- Strategic Trust: You will turn security into a sales accelerator by providing clear, jargon-free assurance to our enterprise customers and partners.
- Scalable Governance: You’ll transition the company from "startup speed" to "enterprise-ready" by automating evidence collection and risk assessments.
- AI Resilience: You will ensure our AI-first mission is built on a rock-solid foundation, identifying emerging AI-specific attack vectors before they impact the business.
Qualifications
Required
- 8+ years of information security experience , with at least 3 years in a leadership role owning a security or compliance program.
- Deep HIPAA/HITECH Expertise: Practical knowledge of operationalizing compliance in a SaaS healthcare environment.
- SOC 2 Mastery: Hands-on experience achieving or maintaining SOC 2 Type II certification.
- AI Fluency: Genuine enthusiasm for and professional experience using AI tools (ChatGPT, Claude, etc.) as a core productivity multiplier and a deep understanding of their security implications.
- Incident Leadership: Demonstrated experience managing real-world security incidents and data breaches.
Preferred
- Certifications: CISSP, CISM, HCISPP, or equivalent.
- Industry Background: Experience in healthcare SaaS, digital health, or value-based care technology.
- Builder Mindset: Prior experience building a security function from scratch at a growth-stage or PE-backed company.
- Technical Breadth: Familiarity with cloud security (AWS/GCP/Azure) and AI governance frameworks.
Compensation & Benefits
Competitive base pay: $180,000 – $220,000 annually.
Additional Compensation
- Bonus Eligible: Annual performance-based bonus (Company + Individual).
Benefits Include
- Unlimited PTO
- Medical, Dental, Vision, and supplemental insurance options
- 401(k) Plan with 3.5% Company Match
- Company-provided equipment
Join Our Mission-Driven Team
At Nsight Health, you’ll be part of a fast-growing organization that sits at the intersection of healthcare, technology, and compassion. We’re looking for a CISO who cares deeply about protecting patient data while enabling the future of connected care.
Our team culture is collaborative, agile, and purpose-driven. Every role—from clinical operations and customer success to marketing, technology, and leadership—directly contributes to improving how healthcare organizations care for their patients.
