Own enterprise-wide security incident response—ensure the team can detect, triage, contain, eradicate, and recover from incidents across cloud, on-prem, SaaS, and endpoint environments with speed and precision.
Maintain and continuously improve the incident response plan, playbooks, escalation procedures, and communication templates, ensuring they are tested, current, and aligned to NIST CSF 2.0.
Serve as incident commander or executive sponsor for high-severity incidents; make real-time decisions on containment and remediation under pressure.
Drive post-incident reviews that produce actionable findings, root-cause analysis, and measurable improvements—not just documentation.
Coordinate threat response across US and India teams, ensuring consistent coverage, quality, and process regardless of geography.
Partner with Legal & Privacy throughout the incident response lifecycle—ensuring timely notification assessments, evidence preservation, regulatory reporting obligations, and litigation hold requirements are met in coordination with response activities.
Own the security and IT tooling portfolio across the company: endpoint management (MDM, EDR), identity infrastructure, SIEM/SOAR, network security, vulnerability scanning, email security, cloud security posture management, and related platforms.
Build and maintain operational metrics and dashboards that provide the CISO and leadership with clear visibility into incident trends, MTTD/MTTR, tool health, SLA performance, and infrastructure posture.
One or more preferred: CISSP, CISM, GIAC (GCIH, GCIA, GCFA), CCSP, or similar.
Incident response or forensics certifications (GCIH, GCFE, GCFA, EnCE) are a strong differentiator.
10+ years in information security, with 5+ years in leadership roles managing security operations, incident response, or infrastructure/engineering teams.
Proven experience managing a team of senior engineers/architects responsible for running a broad portfolio of security and IT tools in a multi-cloud (AWS, Azure, GCP) and multi-OS (Windows, macOS, Linux) environment.
Experience in healthcare, health IT, payments, or other highly regulated data environments where PCI, HITRUST, SOX, and SOC 2 interact.
Remote First: 100% Remote work + home office expense reimbursements + monthly reimbursement for cell phone, internet and wellness.
Top of market rewards: Competitive compensation
Take time when you need time: Flexible PTO + company holidays
Top class healthcare benefits: Variety of healthcare benefits for you and your family (and your pets!) starting day one
Care about your families: Generous top-up for parental leave benefits
Support personal development: Continuing education and professional certification reimbursement
Connecting in person: Various offsite events and activities for the team to connect and meet in person, to support team building and engagement.
Give back to community: Local in-person volunteer events, and give-back programs to our communities.
Recognition and perks: We have a company-wide recognition tool (Phireworks) to celebrate milestones, recognize achievements and strengthen your bond with your teams. You can accumulate points and redeem them for a wide catalogue of items!
Diversity and inclusive environment: At Phreesia, all employees are encouraged to bring their authentic self to work, feel supported and perform at their best. We have a variety of Employee Resource Groups (ERGs) which bring together individuals from a wide range of backgrounds, experiences and perspectives, and seek to foster a sense of shared community and empowerment for employees who share a common social identity, such as gender, race, ethnicity, and sexual orientation. Opportunity to join an Employee Resource Group.