Zócalo Health is seeking a Director of IT & Security to join at a critical inflection point as we scale our systems, headcount, and regulatory obligations. This role will establish centralized ownership and strategic direction for all IT operations, infrastructure, and end-user support, alongside security and access governance. A key early objective is leading the organization toward HITRUST certification by December 2026.
What You'll Do
- Manage and maintain the company's technology infrastructure, including cloud services, networking, and internal application stack.
- Develop and execute the long-term IT roadmap to support rapid growth and scalability.
- Oversee the IT operational budget, ensuring cost-effective technology investments and asset management.
- Lead the IT Helpdesk function, establishing service level agreements (SLAs) for excellent and timely end-user support.
- Manage the procurement, deployment, inventory, and lifecycle management of all company hardware, software, and SaaS assets.
- Ensure effective training and support for employees on all internal systems and productivity tools.
- Establish and regularly test a robust business continuity and disaster recovery plan for critical IT systems.
- Own and lead the HITRUST certification program, including control implementation, documentation, and audit readiness.
- Establish and enforce security policies, standards, and procedures.
- Own system access provisioning and de-provisioning across all platforms.
- Oversee MDM, endpoint security, and identity management.
- Lead vendor security reviews and ongoing risk assessments.
- Coordinate incident response and remediation efforts.
- Partner with Engineering, Product, Compliance, and Operations on security and IT initiatives.
- Manage outsourced IT and security vendors as appropriate.
- Build scalable IT and security governance that supports growth beyond 250 employees.
What We're Looking For
- 8+ years of experience in IT, security, or information security leadership.
- Strong background in managing and scaling cloud-based infrastructure.
- Proven experience leading an IT operations or end-user support team/Helpdesk function.
- Demonstrated ability to manage IT capital and operating budgets and vendor relationships for technical services.
- Direct experience leading security programs in regulated environments.
- Demonstrated experience with HITRUST, SOC 2, HIPAA, or similar frameworks.
- Strong understanding of access control, identity management, and endpoint security.
- Experience working in high-growth or startup environments.
- Ability to balance strategic leadership with hands-on execution.
Nice to Have
- Prior experience in healthcare or healthtech organizations.
- Experience building security programs from early or mid-stage maturity.
Team & Environment
This position reports to the Chief People & Compliance Officer, with a future-state possibility of transitioning under a future technical leader as the organization matures.
Benefits & Compensation
- Equity compensation package.
- Comprehensive benefits including medical, dental, and vision.
- 401k.
- Flexible PTO policy - take the time you need to recharge.
- $1,000 home office stipend.
- We provide the equipment needed for this role.
- Opportunity for rapid career progression with plenty of room for personal growth.
- Compensation: $165,000-$180,000 per year.
Work Mode
This role is open to candidates based in the United States.
At Zócalo Health, we see diversity and inclusion as a source of strength in transforming healthcare. We believe building trust and innovation are best achieved through diverse perspectives.
Individuals seeking employment at Zócalo Health are considered without regard to race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
