Job Title: Senior Director-Product & Information Security
Location: Bangalore
Job Type: Full Time, Hybrid
Immediate joiners or notice period less than 15 days are needed

This Role:

The Senior Director - Product & Information Security at LogixHealth will lead the efforts to ensure the organization and our partners are as secure as possible. This role will help ensure that security is always front and center across all our products, systems, platforms and tools within our ever-growing environment. This role will work with a globally distributed team of engineers working in our fast-paced environment.

Key Responsibilities:

- Own and lead end-to-end Product/Application Security, Cloud & Data Center Security, and IT Security for a US HealthTech organization
- Provide strategic and operational leadership for the Security Operations Center (SOC), including detection, monitoring, incident response, escalation, and reporting
- Establish and govern secure SDLC practices across all applications, including threat modeling, SAST, DAST, dependency scanning, penetration testing, and remediation tracking
- Own security architecture and controls across cloud platforms, hybrid infrastructure, and on-prem data centers, ensuring strong identity, network, and data protection
- Partner closely with Product, Engineering, IT, and Platform teams to embed security-by-design without slowing product delivery or impacting patient/user experience
- Define, implement, and enforce information security governance, policies, standards, and procedures aligned with healthcare regulatory requirements
- Ensure continuous compliance and audit readiness for HIPAA, SOC 2, HITRUST (preferred), ISO 27001, and other applicable US healthcare regulations
- Lead incident response and crisis management, including tabletop exercises, breach simulations, regulatory notifications, and post-incident reviews
- Oversee vulnerability management, risk assessments, security testing, and remediation across applications, infrastructure, endpoints, and third-party vendors
- Drive security automation across SOC operations, compliance reporting, control monitoring, and alerting to improve speed, accuracy, and scale
- Build and maintain strong risk management and reporting frameworks, providing clear visibility into security posture, key risks, and mitigation progress to executive leadership
- Foster a strong security-first culture through ongoing awareness programs, phishing simulations, workshops, and targeted training for technical and non-technical teams
- Lead, mentor, and scale a high-performing security, compliance, and SOC team, ensuring clear accountability, skill development, and succession planning
- Manage relationships with security vendors, MSSPs, auditors, regulators, and external partners, ensuring SLA adherence and cost-effective outcomes
- Act as a trusted advisor to executive leadership on security risks, regulatory exposure, and business trade-offs in a healthcare environment

Qualifications:

The following requirements are representative of the knowledge, skills, and/or ability required to perform this job successfully. Reasonable accommodation may be made to enable individuals with disabilities to perform the duties.

Required:

- 12+ years of progressive experience across Product/Application Security, Cloud/Infrastructure Security, and SOC operations, with at least 3+ years in a senior leadership capacity
- Demonstrated experience owning or leading a SOC function, including incident response, threat detection, security monitoring, and operational governance
- Proven ability to define and execute cybersecurity strategy, roadmap, and long-term security vision
- Strong balance of strategic leadership and hands-on execution, with the ability to drive both direction and delivery
- Proven expertise in Application Security, including Penetration Testing, Secure SDLC, DevSecOps, vulnerability management, and secure architecture principles
- Deep expertise in cloud security controls across AWS, Azure, and GCP, including container and Kubernetes security
- Strong experience in security governance, compliance, and risk management, including ISO 27001 / ISO 2700x, SOC 2, GDPR, HIPAA, HITRUST, and audit readiness
- Demonstrated experience embedding security controls and best practices into engineering workflows and driving adoption across development teams
- Proven ability to work cross-functionally with Engineering, DevOps, Legal, Compliance, Risk, and business stakeholders
- Strong ability to communicate and influence executives, auditors, regulators, and cross-functional leadership teams
- Excellent analytical, problem-solving, and people leadership skills, with a strong bias toward ownership, accountability, and measurable outcomes