Head of Information Security
Willow is a platform for products that help improve the lives and health of women. We are a mission-driven team of experienced inventors, mothers, and fathers dedicated to making a difference in women’s lives. The Willow™ Wearable Breast Pump, selected as one of TIME's 25 Best Inventions in 2017 and 2018 CES Innovation Award for Wearable Technologies, is the first solution in our platform. We are building a brand rooted in innovation, freedom and belonging. Our promise to moms is to ease the stress of early motherhood at a time when they need confidence and support the most.
Director, Information Security will lead and have overarching responsibility for Willow’s security strategy and implementation on an international scale. You will be responsible for providing a highly scalable, reliable, and effective security foundation that serves the customers and business operations of the company.
What You'll Do:
- Overall Information Security strategy and execution for a growing consumer medical device company
- Lead the development of the Information Security strategic roadmap and implementation of company-wide initiatives to drive new security initiatives company-wide
- Partner with 3rd parties to assess/audit and recommend the security framework that is right for our business
- Ensure and maintain physical, network, data, product, and supply chain security across the organization
- Lead security governance and overall risk management
- Partner with Legal to develop Data Privacy policies and governance structures for Willow
- Monitor laws, regulations and industry standards to keep Willow compliant with the evolving security landscape
What You'll Need:
- 10+ years leading an information security team
- Security Assurance experience - audits, frameworks, regulators
- Application, Network, Cloud, Data and Enterprise Security Architecture and Ownership
- Incident Response / BCP Experience
- Strong vision for building a Security based culture
- Experience building and implementing the security function from the ground-up in a regulated environment
- Strong IT and SSDF and DevSecOps knowledge.