VP, Information Security

Penguin Random House

  • Morrisville, NC
  • Permanent
  • Full-time
  • 1 day ago
Are you looking for a high energy, strategic, and fast-paced position as a VP, Information Security? Join Relias, the company changing lives throughout the world by helping healthcare organizations improve their clinical and financial outcomes!

For 11,000+ health care and human service organizations, Relias helps clients deliver better clinical and financial outcomes by elevating the performance of teams. We help organizations across the continuum of care get better at maintaining compliance, developing staff and promoting consistent, high-quality care. Our platform employs assessments to reveal specific gaps in skills and addresses them with personalized and engaging learning, choosing from 7,000+ online courses that meet accrediting board, state and federal requirements. We are passionate about our products and our clients; what we deliver and the impact we have on the world is truly something you can be proud to represent. Join us and make a difference.

WHAT CAN RELIAS OFFER YOU?
  • Fantastic health and wellness benefits package, including an outstanding 401k match, a flexible PTO program, and a generous and inclusive parental leave policy. Additionally, Relias pays for the employee portion of the monthly healthcare premium!
  • Flexible work environment with onsite and work from home options - you choose when you want to come into the office!
  • Active Employee Resource Groups open to all employees!
  • Comprehensive onboarding program - a great introduction to our company, customers and culture!
  • Growth and career advancement opportunities!
  • 20%+ annual employee promotion and transfer rate
  • Multiple development program options - leadership development, professional development curriculums, and Nanodegree options in both technology and data science
  • Professional development gained from conference attendance and participation in organizations like NC Tech
  • Onsite 321 Coffee Shop providing free coffee and pastries to employees
SUMMARY:
The VP of Information Security is an executive leader responsible for driving enterprise-wide security strategy, governance, and operations. This role ensures that security practices scale with the business, high-risk exposures are reduced, and compliance with ISO, SOC 2, GDPR, FedRAMP, and HITRUST is achieved and sustained.

WHERE YOU'LL WORK (HYBRID)
40+ days / quarter in our Morrisville office (near the Raleigh/Durham airport)

WHAT YOU'LL BE DOING:
  • Strategy & Information Security Management System (ISMS): Setting the multi-year security strategy and running the Bertelsmann ISMS: risk assessment/management, policy framework, KPIs/KRIs, and management reviews with the divisional team (at least quarterly).
  • Governance & Compliance: Delivering and sustaining ISO/IEC 27001, SOC 2 Type II, HIPAA, GDPR; mapping/advancing FedRAMP/HITRUST and other frameworks.
  • Security Operations & IR: Maturing the SOC; driving continuous reduction in MTTD/MTTR; overseeing incident reporting obligations across the security organization.
  • Security by Design (with Engineering, IT & Ops): Co-owning secure-by-default standards and embedding them across products and core processes (threat modeling, SAST/DAST/SCA, secrets/vaulting, SBOM, and container/K8s hardening), driving measurable reductions in defect escape and time-to-remediate.
  • Enterprise/Cloud Security: Advancing Zero Trust identity, endpoint, network segmentation; hardening AWS/Azure (CSPM/CIEM), data protection & key management
  • AI Governance & Privacy: Actively participating in the AI Governance Committee; ensuring compliance with group AI thresholds, and partnering with Data Protection on privacy-by-design.
  • GRC/Trust Enablement: Scaling the customer trust program (security questionnaires, artifacts, CAIQ/SIG), supporting enterprise deals, and briefing customers as exec sponsor.
  • People & Culture: Building and retaining a high-performing team across GRC, AppSec, CloudSec, and SecOps; growing a security champions network and role-based training.
  • Exec Communication: Translating risk to financial impact and ROI; briefing CFO/Division on posture, roadmap, and investment trade-offs.
  • Partnering with engineering and operations teams to embed security by design into all products and processes.
  • Ownership of Relias reporting to the Bertelsmann ISMS: risk assessment/management, quarterly (at least) management reviews with the divisional team, and incident reporting across the security organization.
YOU'VE GOT WHAT IT TAKES IF YOU HAVE/ARE:
  • 12+ years in information security with meaningful time leading across GRC, AppSec, CloudSec, and SecOps in cloud-native SaaS.
  • Proven success running an ISMS (ISO 27001) and delivering SOC 2 Type II; HIPAA/GDPR fluency; FedRAMP/HITRUST.
  • Bachelor's degree in information security or equivalent experience in Information Security
  • Executive presence and crisp communication: able to turn technical risk into business decisions and defend prioritization with data.
  • Experience building teams, operating incident command, partnering with Legal, IT, Engineering, and Internal Audit.
  • Knowledge of security and compliance frameworks (NIST, ISO 27001, SOC 2 (Trust Services Criteria), etc.)
  • Analysis and troubleshooting of issues and needs
  • Strong technical background and the ability to discuss security topics at an architectural level
  • Communication and presentation skills (written and oral)
  • Leadership, teamwork and conflict management
  • Highly adaptable to constantly changing business and technology environments
EXPERIENCE/EDUCATION PREFERRED:
Having at least one of the following certifications is a plus:
  • Certified Information Systems Security Professional (CISSP) - Strongly preferred
  • Certified Information Security Manager (CISM)
  • Certified Cloud Security Professional (CCSP)
  • Systems Security Certified Practitioner (SSCP)
  • Healthcare Information Security and Privacy Practitioner (HCISPP)
Relias is an Equal Opportunity Employer and a Drug-Free workplace

IN OFFICE REQUIREMENT:
Relias values collaboration and wants to ensure that our team members have opportunities to work with their teams regularly for professional development opportunities. Our flexible hybrid work environment requires that you live in the state of North Carolina, within a commutable distance to our office (~1-hour commute). You would be expected to work in our Morrisville, NC Headquarters approximately 40 days/quarter.

Company: Relias LLC | Job ID: 282599

© 2025 Relias LLC