VP of Security

At Dario, Every Day is a New Opportunity to Make a Difference.

We are on a mission to make better health easy. Every day our employees contribute to this mission and help hundreds of thousands of people around the globe improve their health. How cool is that? We are looking for passionate, smart, and collaborative people who have a desire to do something meaningful and impactful in their career.

The VP of Security is a senior leader within the Compliance function who owns the strategy, oversight, and continuous improvement of DarioHealth's information security program. This role serves as the day-to-day security authority and is accountable for security architecture, engineering, and operations outcomes. Day-to-day security execution is primarily carried out by R&D and DevOps teams; the VP of Security provides direction, standards, and governance to ensure security objectives are met, supplemented by consultants or managed services as needed. 

A Fractional CISO is engaged to provide periodic executive-level guidance. The VP of Security will align with the Fractional CISO as needed but operates independently and owns program execution. Both report directly to the CCO. 

The primary responsibilities of this job include:

• Drives the enterprise security strategy, roadmap, and KPIs set in collaboration CCO and Fractional CISO.  
• Define acceptable risk levels in partnership with business leaders and ensure security investments are aligned to organizational priorities. 
• Oversee the development, implementation, and ongoing management of security capabilities including security architecture, engineering, and operations. 
• Direct and coordinate with key stakeholders (e.g. IT, R&D, Product Development, DevOps) to ensure technology solutions incorporate sound security design and governance principles. 
• Define and govern security best practices, guidelines, and patterns and ensure these are embedded within business and IT processes. 
• Ensure security architecture and operations align with relevant regulatory and industry frameworks including HIPAA, HITRUST, NIST CSF, SOC 2 Type II, ISO 27001, and FDA requirements. Partner with Compliance on ISMS control ownership, audit evidence, and continuous monitoring. 
• Provide security oversight and subject matter input across Dario's secure software development lifecycle, serving as the security liaison to ensure business requirements translate into secure specifications. 
• Oversee the build-out and continuous improvement of security operations including vulnerability management, logging and monitoring, SIEM, detection engineering, and incident readiness and response. 
• Ensure proper configuration, maintenance, and operation of the security tooling stack (e.g. SAST/DAST, CSPM, EDR, IAM integrations, secrets management). 
• Define and continuously measure security benchmarks and KPIs. 

• 10+ years of experience as an Information Security Director, preferably in a SaaS or Medical company. 
• Extensive knowledge of network and cloud infrastructure security and best practices. 
• Security governance and risk management experience. 
• Healthcare security background (HIPAA, FDA, GDPR) preferred. 
• Prior experience and deep knowledge in implementing and maintaining HiTrust, PCI, ISO27001, SOC2, SOX and HIPAA. 
• Strong knowledge of current and emerging cyber security risks (primarily on web and cloud), and modern risk management methods and solutions. 
• Knowledge of application security standards and frameworks such as OWASP 
• Ability to influence others and work at all levels and departments across the organizational and with external vendors and partners. 
• In-depth knowledge of Security standards (ISO27001, HiTrust, PCI) and Privacy regulations (GDPR, CCPA, ISO27701, HIPAA). 
• Fluent English both written and verbal. 
• Experience with the AWS ecosystem. 
• Experience with large-scale systems. 
• Cybersecurity certifications (e.g., CISSP, CISA, CFE) preferred. 

***DarioHealth promotes diversity of thought, culture and background, which connects the entire Dario team. We believe that every member on our team enriches our diversity by exposing us to a broad range of ways to understand and engage with the world, identify challenges, and to discover, design and deliver solutions. We are passionate about building and sustaining an inclusive and equitable working and learning environments for all people, and do not discriminate against any employee or job candidate. ***