Imprivata

Chief Information Security Officer

Imprivata$180K — $220K *
Information Technology
11 - 15 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Cybersecurity, Computer Science, IT, or related field; Master’s preferred
  • 12+ years in information security; 5+ years in a senior leadership role
  • Experience building enterprise security programs in SaaS or enterprise software environments
  • Knowledge of security frameworks (NIST, ISO 27001, SOC 2)
  • Understanding of cloud security (AWS, Azure, or GCP) and application security
  • Familiarity with risk management and compliance in enterprise software
  • Experience addressing AI-related security risks and threats

Responsibilities

  • Collaborate with executive leadership to define and execute an information security strategy
  • Establish and maintain an enterprise-wide security program covering governance and incident response
  • Lead development and enforcement of security policies and procedures
  • Assess and improve organization's security posture across various domains
  • Define and monitor key risk and performance indicators
  • Ensure secure design principles are embedded in product development
  • Drive culture of security awareness through training programs

Benefits

  • Top-notch work environment
  • Developmental opportunities
  • Competitive total rewards package
  • Culture that encourages fun and team engagement
Full Job Description
Description

We are seeking a Chief Information Security Officer to join our team. This is a hybrid opportunity based out of our Waltham, MA office.

Job Summary

Imprivata is seeking a strategic and experienced Chief Information Security Officer (CISO) to lead the company's global information security and risk management program. Reporting directly to the Chief Technology Officer, the CISO will be responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected.

The CISO will partner with executive leadership, product, engineering, IT, legal, and compliance teams to embed security into all aspects of the business. This leader will balance risk management with business enablement, ensuring the organization meets regulatory requirements while supporting innovation and growth. The ideal candidate brings deep expertise in cybersecurity, risk management, and enterprise SaaS environments, along with strong leadership and communication skills.

Duties and Responsibilities
  • Collaborate with executive leadership to define and execute a comprehensive information security strategy aligned with business objectives.
  • Establish and maintain an enterprise-wide information security program, including governance, risk management, compliance, and incident response.
  • Lead the development and enforcement of security policies, standards, and procedures across the organization.
  • Assess and continuously improve the organization's security posture, including application security, cloud security, infrastructure security, and endpoint protection.
  • Define and monitor key risk indicators (KRIs) and key performance indicators (KPIs) to measure security effectiveness and maturity.
  • Collaborate with product and IT leadership to ensure that secure design principles are embedded in product development and IT systems.
  • Lead threat detection, incident response, and recovery efforts, including coordination with internal teams and external partners.
  • Drive a culture of security awareness through training and education programs across the organization.
  • Partner with legal, compliance, and audit teams to ensure adherence to regulatory requirements (e.g., SOC 2, HIPAA, GDPR, ISO 27001).
  • Manage third-party risk programs, including vendor security assessments and ongoing monitoring.
  • Work with product and non-product functions to ensure their use of AI aligns with proper security threat and risk protocols.
  • Provide regular updates to executive leadership and the Board on security risks, incidents, and program maturity.
  • Build, lead, and develop a high-performing information security team.
  • Manage the information security budget and prioritize investments based on risk and business impact.
  • Stay current with emerging threats, technologies, and industry best practices to continuously evolve the security program.
  • Collaborate with product and engineering teams to ensure secure software development lifecycle (SDLC) practices.
  • Other duties as assigned and required.

Required Qualifications
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field; Master's degree preferred.
  • 12+ years of experience in information security, with at least 5+ years in a senior leadership role.
  • Proven experience building and leading enterprise security programs in a SaaS or enterprise software environment.
  • Deep knowledge of security frameworks and standards (e.g., NIST, ISO 27001, SOC 2, CIS).
  • Strong understanding of cloud security (AWS, Azure, or GCP), application security, and modern security architectures.
  • Experience with risk management, compliance, and regulatory requirements relevant to enterprise software companies.
  • Experience with AI in corporate environments, including individual usage, the securitization of agents, and AI as a security threat from the outside.
  • Demonstrated ability to communicate complex security topics to executive leadership and non-technical stakeholders.
  • Strong leadership, team-building, and organizational skills.
  • Proven track record of incident response leadership and crisis management.
  • Relevant certifications such as CISSP, CISM, CISA, or equivalent strongly preferred.
  • Strong business acumen, particularly in aligning security investments with financial and operational priorities.

At Imprivata, we have a top-notch work environment, developmental opportunities, a competitive total rewards package, and the desire to have fun. If you have the skills and qualifications as we have described above, we want to hear from you!

#LI-Hybrid #LI-ML1

About Imprivata

Imprivata is a healthcare IT security company that enables healthcare organizations to access, communicate, and transact patient information securely and conveniently. The company offers a range of products and services, including authentication and access management, secure communications, and patient engagement. Imprivata's solutions are used by over 1,000 healthcare organizations worldwide, including hospitals, clinics, and other healthcare providers. The company was founded in 2002 and is headquartered in Lexington, Massachusetts.
Learn more about Imprivata
Size
1,000 employees
Industry
Founded
2002

Similar Jobs

More Jobs at Imprivata

More Information Technology Jobs

Find similar Chief Information Security Officer jobs: