Blackbaud

Blackbaud is a large, private company founded in 1981 to provide technology solutions to nonprofit organizations. The company helps its clients with fundraising, relationship manag

Manager, Defensive Cyber SecOps

Location

United States

Posted

18 days ago

Salary

$117.2K - $157.5K / year

Seniority

Lead


Job Description

Manager, Defensive Cyber SecOps

Blackbaud

Role Description

We’re hiring a Manager, Defensive Cyber Operations to mature, scale, and continuously iterate our agentic SOC. This is a hands-on player/coach role: you will lead a small team of engineers and analysts while personally owning critical technical outcomes across detection engineering, SOAR automation, breach and attack simulation, and insider threat. This role is ideal for a technical leader who improves existing systems, writes production-quality detection and automation, leads investigations, and raises the operational bar through disciplined iteration.

What you’ll do

- Lead and develop a small defensive operations team.
- Manage, mentor, and grow a small team of security engineers and analysts focused on detection, response, and automation.
- Act as the primary technical escalation point for high-severity incidents; lead investigations and response decision-making.
- Set and reinforce quality standards for investigations, detections, automation, documentation, and on-call readiness.
- Mature and iterate on an agentic SOC.
- Evolve and refine agentic SOC workflows that improve triage speed, consistency, and decision quality through automated enrichment, correlation, and recommended or automated response actions.
- Iterate on existing SOC workflows, converting repeatable analyst effort into safe, reliable automation with clear guardrails, validation, and auditability.
- Define and track operational metrics such as detection coverage, alert fidelity, automation success rates, and MTTD/MTTR improvements.
- Own detection engineering outcomes end-to-end: alert logic, correlation rules, anomaly thresholds, tuning, and continuous improvement.
- Mature a detection-as-engineering operating model, including requirements, testing, rollout, post-deployment measurement, and documentation.
- Design, iterate on, and maintain SOAR playbooks for alert enrichment, containment, remediation, and case management.
- Enhance custom automation, integrations, and enrichment logic to reduce manual analyst effort and improve response consistency.
- Ensure automation remains resilient, production-grade, well-documented, and operationally safe at scale.
- Mature an existing breach & attack simulation capability to continuously validate detection and response effectiveness.
- Translate BAS findings into prioritized detection, automation, and response improvements on a repeatable cadence.
- Advance insider threat detection and response capabilities, including use-case refinement, signal quality, investigation workflows, and playbooks.
- Balance speed, precision, and appropriate controls while improving investigative consistency.

Qualifications

- 5+ years experience leading security operations, detection engineering, incident response, and/or security engineering teams, with direct ownership of operational outcomes.
- Strong hands-on background in intrusion analysis using SIEM/log analytics, packet captures, and investigation tooling.
- Proven experience maturing SOAR automation and/or custom tooling to drive repeatable response actions.
- Strong detection engineering fundamentals, including alert fidelity, correlation, and continuous tuning.
- Experience operating in cloud-first environments, with hands-on security detection or response exposure in AWS and Azure.
- Comfort operating as both technical leader and people manager in on-call, real-time security environments.

Preferred qualifications

- Experience iterating on AI-assisted or agentic SOC workflows with measurable operational impact.
- Strong scripting experience (e.g., Python) for automation, integrations, and enrichment logic.
- Experience with breach and attack simulation, purple team exercises, or continuous control validation programs.
- Detection and response experience across AWS and Azure, including cloud-native logs, identity signals, and workload telemetry.
- Working knowledge of adversary tradecraft and defensive frameworks (e.g., MITRE ATT&CK, NIST-aligned approaches).
- Security+, CEH, GSEC, CISSP, GCIA, GCIH, GSOC (equivalent or comparable security engineering, detection, or incident response certifications are welcome).

Benefits

- Medical, dental, and vision insurance.
- Remote-flexible workforce.
- Wellness programs.
- 401(k) program with employer match.
- Flexible paid time off.
- Generous parental leave.
- Donations for Doers.
- Pet insurance, legal and identity protection.
- Tuition reimbursement program.


More Security Operations Jobs

Vice President, Information Security

LifeMD

LifeMD is a rapidly growing telehealth company that delivers virtual primary care and treatment services nationwide. Founded in 1987 and headquartered in New York, New York, LifeMD

Role Description

The Vice President, Information Security will lead the enterprise cybersecurity, data protection, and IT compliance functions for a leading publicly-traded telehealth organization. This is a critical executive leadership role operating at the intersection of technology, patient safety, regulatory compliance, and enterprise risk management. Reporting directly to the Chief Technology Officer (CTO), the VP of Information Security will be responsible for defining and executing a comprehensive, enterprise-wide security strategy to safeguard protected health information (PHI), ensure regulatory compliance, and protect the organization’s digital and clinical ecosystems. This leader will play a pivotal role in advancing secure digital transformation, strengthening internal controls, and ensuring adherence to healthcare regulatory frameworks and other applicable standards including HIPAA, HITECH, and Sarbanes-Oxley IT General Controls. This role requires a strategic yet hands-on leader capable of operating in a highly regulated, mission-critical healthcare environment where security directly impacts patient trust and clinical outcomes.

Responsibilities

Cybersecurity & Risk Management
- Lead all aspects of enterprise information security, including threat detection, incident response, vulnerability management, and continuous monitoring.
- Establish and mature a comprehensive Governance, Risk, and Compliance (GRC) framework aligned to healthcare industry standards (e.g., NIST, HITRUST, ISO 27001).
- Continuously assess enterprise risk posture, prioritizing cybersecurity risks in alignment with clinical, operational, and financial risk frameworks.

Data Protection & Patient Privacy
- Design and implement strategies to protect sensitive patient data, including Protected Health Information (PHI), Personally Identifiable Information (PII), and clinical data.
- Ensure compliance with healthcare data security and privacy regulations, including HIPAA and HITECH, as well as state-specific privacy laws.
- Oversee data governance, encryption, identity management, and secure data exchange across clinical systems (EHR/EMR), patient platforms, and third-party partners.
- Lead enterprise-wide data protection initiatives, including breach prevention, detection, and response.

Compliance & Controls
- Own and manage IT risk, compliance, and IT General Controls (ITGC) programs in support of SOX and healthcare regulatory requirements.
- Partner with internal audit, compliance, legal, and finance teams to ensure audit readiness and timely remediation of control deficiencies.
- Maintain compliance with standards such as HIPAA, HITRUST, SOC 2, PCI-DSS (as applicable), and other healthcare-specific regulatory frameworks.
- Support regulatory audits, accreditation processes, and third-party risk management programs.

Infrastructure Security & Digital Transformation
- Lead security architecture across enterprise infrastructure, including cloud, hybrid, and on-premise environments supporting clinical and digital health platforms.
- Drive secure cloud transformation initiatives, ensuring appropriate controls across IaaS, PaaS, and SaaS environments.
- Partner with engineering, IT, and DevOps teams to implement DevSecOps practices and a secure software development lifecycle (SDLC).
- Oversee identity and access management (IAM), role-based access controls, and privileged access governance across clinical and enterprise systems.

Incident Response & Cyber Resilience
- Lead enterprise incident response strategy, including preparedness, detection, containment, and recovery from cyber incidents.
- Coordinate breach investigations, root cause analysis, regulatory reporting, and post-incident remediation.
- Develop and maintain business continuity and disaster recovery plans with a strong focus on clinical and operational resilience.

Leadership & Strategy
- Build, lead, and scale a high-performing information security organization, including security operations, risk, and IT compliance functions.
- Serve as a key advisor to executive leadership, the Board, and Audit/Compliance Committees on cybersecurity risk and strategy.
- Drive enterprise-wide security awareness and training programs to foster a culture of security and compliance.
- Align cybersecurity initiatives with business priorities, digital health innovation, and patient-centric outcomes.

Qualifications

- 12+ years of progressive leadership in information security, cybersecurity, and risk management, preferably within healthcare, life sciences, or other highly regulated industries.
- Experience operating in a publicly traded or highly regulated environment with strong governance and compliance requirements.
- Proven track record of leading enterprise security programs in complex environments involving clinical systems, digital platforms, and sensitive patient data.

Domain Expertise
- Deep knowledge of healthcare regulatory frameworks, including HIPAA, HITECH, HITRUST, and experience managing PHI/PII at scale.
- Strong understanding of ITGC, SOX compliance, and audit processes.
- Experience securing healthcare technologies, including EHR/EMR systems, patient engagement platforms, telehealth systems, and medical device integrations.

Technical & Operational Expertise
- Hands-on leadership in cloud security, infrastructure modernization, and enterprise security architecture.
- Expertise in identity and access management (IAM), zero trust frameworks, and modern security operations.
- Experience implementing and managing GRC platforms and frameworks such as NIST, ISO 27001, and HITRUST.
- Demonstrated success in incident response, cyber resilience, and enterprise risk mitigation.

Leadership & Interpersonal Skills
- Strong executive presence with experience engaging Boards and Audit/Compliance Committees.
- Proven ability to lead cross-functional initiatives across technology, clinical, legal, and operational teams.
- Ability to operate effectively in a fast-paced, high-stakes healthcare environment where security and patient safety are paramount.

Education & Certifications
- Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
- Relevant certifications such as CISSP, CISM, CISA, CRISC, or HCISPP preferred.

Benefits

- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (Roth 401k)
- Life Insurance (Basic, Voluntary & AD&D)
- Unlimited PTO Policy
- Paid Holidays
- Short Term & Long Term Disability
- Training & Development

United States

Senior Security Operations Engineer, Incident Response

Affirm

We create honest financial products that improve lives.

Full Time · Remote · Team 1,001-5,000 · Since 2012 · H1B Sponsor

• Lead security incidents end-to-end, from detection and triage through containment, remediation, and post-incident review.
• Act as incident commander, driving clear decisions and alignment across teams during high-pressure situations.
• Conduct hands-on investigations across cloud and endpoint environments to determine root cause and impact.
• Partner with Observability & Automation to improve detections, reduce noise, and build automated response playbooks.
• Contribute to and refine incident response playbooks, runbooks, and documentation to improve readiness and consistency.
• Collaborate with Security, Infrastructure, and Product teams to identify gaps and strengthen the incident response lifecycle.
• Communicate effectively during incidents, providing clear updates to both technical and non-technical stakeholders.

Canada
$150K - $200K / year

Senior Manager, US Security Operations

UnitedHealth Group

UnitedHealth Group is a healthcare and well-being company that’s dedicated to improving the health outcomes of millions around the world. We are comprised of

Role Description

The Senior Manager, U.S. Security Operations, West is accountable for the representation of Corporate Security and its workplace security programs for the business segments in the identified West region of the United States.

The Senior Manager will:

- Implement the short- to long-term vision, mission, and enterprise strategy of Corporate Security.
- Lead security solutioning with business leaders.
- Provide business leaders with relevant security incident reporting metrics and actionable data.
- Coordinate business requirements with the Global Risk Management CoE to enhance security measures.
- Champion security awareness, physical security, and proactive security training initiatives.
- Raise potential obstacles/opportunities for enhancing security risk management enterprise-wide.
- Ideate and innovate solutions to complex strategic problems.
- Cultivate a security culture through security education.
- Drive compliance with relevant global security regulations, company standards, values, and industry best practices.

The Senior Manager will support the overall Corporate Security mission and enable the success, sustainability, and scalability of the entire enterprise workplace security program. This role includes building and maintaining solid internal partnerships with key stakeholders.

Qualifications

- 5+ years of relevant security experience in the private and/or public sector.
- Experience managing workplace security operations and programs.
- Demonstrated experience in managing complex security risks.
- Experience dealing with incidents and critical events.
- Critical understanding of confidentiality and situational sensitivity.
- Proficient using MS Office Suite (Word, Excel, PowerPoint, Outlook, etc.).
- Proven ability to navigate high levels of ambiguity and make critical decisions rapidly.
- Proven superior problem-solving and critical thinking ability.
- Proven solid leadership engagement, communication, and presentation skills.
- Proven high levels of integrity and credibility.

Requirements

- Work remotely from anywhere within the U.S. (Minneapolis or Washington, D.C. area requires in-office work a minimum of four days per week).
- After-hours on-call availability and up to 25% travel.
- Other duties as required.

Benefits

- Comprehensive benefits package.
- Incentive and recognition programs.
- Equity stock purchase.
- 401k contribution (subject to eligibility requirements).
- Salary range: $91,700 to $163,700 annually based on full-time employment.

Application Deadline

This will be posted for a minimum of 2 business days or until a sufficient candidate pool has been collected.

United States
$91.7K - $163.7K / year

SOC Analyst

eClerx

Industry-focused specialists who manage and improve complex data-driven processes.

Full Time · Remote · Team 10,001+ · Since 2000 · H1B Sponsor

• Accurately review, validate, and process high-volume sales orders, change requests, and cancellations received from the Sales team or customers into the system (e.g., SAP, Oracle, Salesforce).
• Verify all critical order elements, including product codes, pricing, quantity, delivery dates, shipping instructions, and customer account details, ensuring alignment with the sales quote and company policy.
• Ensure all necessary contractual documentation, customer-specific terms, and internal approvals (e.g., credit checks, legal review) are attached or referenced before finalizing the order.
• Proactively communicate with the Sales team, Finance, and Inventory regarding any discrepancies found in pricing, product availability, delivery timelines, or incomplete documentation to resolve issues quickly and prevent order delays.
• Maintain the integrity of customer and order data within the ERP/CRM system, performing regular audits and updates as required.
• Identify bottlenecks or inefficiencies in the order creation process and recommend solutions to standardize and streamline workflows for faster processing.
• Assist in generating reports related to order volumes, processing times, and common data errors to support Sales Operations analysis.

Philippines