Director of Cybersecurity jobs in United States
info-icon
This job has closed.
company-logo

Aeroflow Health · 1 day ago

Director of Cybersecurity

positionAsheville, NC
timeFull-time
remoteOnsite
seniorityDirector/Executive
date10+ years exp

Aeroflow Health is a leading company in the home medical equipment sector, focused on innovation and employee experience. They are looking for a Director of Cybersecurity to lead their security program, ensuring protection from threats while overseeing a skilled security team and collaborating across various departments.

Health CareMedical Device
check
Growth Opportunities
Hiring Manager
Brad Holda, GCDF, CPRW
linkedin

Responsibilities

Own and execute the enterprise security roadmap—ensuring planned initiatives are delivered, measured, and continuously improved
Provide strong, clear leadership to the Security Engineering and Security Compliance functions
Serve as the primary point of accountability for organizational security posture, reporting to senior leadership and key stakeholders
Develop, document, and enforce security policies, procedures, standards, and best practices
Actively participate in daily security engineering tasks, including tool implementation, security monitoring, incident investigation, and vulnerability management
Lead the architecture, deployment, and optimization of security technologies (SIEM, EDR, IAM, DLP, cloud security tools, network security solutions, etc.)
Oversee access management strategy and operations, ensuring strong identity, authorization, and least-privilege controls across all systems and environments
Partner with Engineering to secure systems, applications, and infrastructure
Oversee periodic penetration tests, threat modeling exercises, incident simulations, and red/blue team activities
Manage and mature third-party security risk practices, including vendor security reviews, ongoing monitoring, and contractual security requirements
Ensure regulatory and audit compliance (HIPAA, SOC2, HITRUST, and other healthcare/security frameworks)
Partner with Legal and Compliance teams to ensure security programs, tools, and practices meet contractual, regulatory, and industry expectations
Maintain documentation for compliance requirements and support internal and external audit efforts
Serve as a trusted advisor to leadership and technical teams regarding risk, architecture, and security-by-design
Drive companywide education, awareness, and accountability to embed security into every function
Manage and grow a high-performing security team, including a Security Engineer and a Security Compliance Specialist
Set clear expectations, provide coaching, and empower team members to execute and grow into subject-matter experts
Foster a collaborative and transparent culture centered on accountability, communication, and continuous improvement
Compliance is a condition of employment and is considered an element of job performance
Maintain HIPAA/patient confidentiality
Other job duties assigned

Qualification

Cybersecurity leadershipSecurity engineeringCloud security (Azure/AWS)IdentityAccess management (IAM)Incident responseVulnerability managementRisk mitigationThird-party security risk managementCompliance experience HIPAACompliance experience SOC2Compliance experience HITRUSTRelevant certifications CISSPRelevant certifications CISMRelevant certifications CCSPCommunication skillsCross-functional collaboration

Required

10+ years of progressive security experience, including hands-on technical security work and leadership responsibilities
Proven ability to lead security functions in a fast-moving, high-growth environment—preferably healthcare, SaaS, or regulated industries
Deep technical expertise in security engineering, cloud security (Azure/AWS), identity and access management (IAM), endpoint protection, network security, and modern DevSecOps practices
Experience leading incident response, vulnerability management, and risk mitigation efforts
Demonstrated experience assessing and managing third-party security risks and vendor access
Strong communication skills—able to translate complex technical concepts to leadership and non-technical teams
Experience partnering with cross-functional teams including Legal, Compliance, Engineering, and executive leadership
Must be onsite in Asheville, NC or willing to relocate (relocation support available for the right candidate)

Preferred

Experience in HIPAA, SOC2, HITRUST, or other compliance-heavy environments
Prior experience scaling a security function or building programs from the ground up
Relevant certifications (CISSP, CISM, CCSP, etc.)

Benefits

Health Plans with FSA or HSA options
Dental
Vision Insurance
Optional Life Insurance
401K with Company Match
12 weeks of parental leave for birthing parent/ 4 weeks leave for non-birthing parent(s)
Additional Parental benefits to include fertility stipends, free diapers, breast pump
Paid Holidays
PTO Accrual from day one
Employee Assistance Programs

Company

Aeroflow Health

twittertwittertwitter
company-logo
Aeroflow Health is recognized as a premier provider of durable medical equipment (DME). It is a sub-organization of Aeroflow Breastpumps.
dateFounded in 2001
location
Asheville, North Carolina, USA
people-size501-1000 employees
web-link
https://aeroflowhealth.com/

Funding

Current Stage
Late Stage

Leadership Team

J
Josh Hill
EVP

Recent News

GlobeNewswire
Aeroflow Health and Molina Healthcare Break Down Barriers to Nutrition and Diabetes Care in South Carolina
2025-12-10
GlobeNewswire
Computerworld Names Aeroflow Health as One of the Best Midsize Places to Work in IT
2025-12-09
Aeroflow Health
Aeroflow Urology Donates $30,000 to Support Family-Centered Care
2025-12-03
Company data provided by crunchbase