
Director of Security & IT

Job in New York, New York County, New York, 10261, USA
Listing for: Social Leverage LLC
Full Time position
Listed on 2026-06-21
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, IT Support
Salary/Wage Range or Industry Benchmark: 250000 USD Yearly
Job Description & How to Apply Below
Location: New York

Founded in 2019, Nayya is on a mission to connect people’s most important information, so they can thrive in their health and wealth. Powered by AI and advanced analytics, Nayya’s platform transforms complex benefits experiences into intuitive, seamless, and ongoing interactions, meeting people’s real-world needs. As a trusted platform and partner to leading employers, benefits solutions, and HR tech providers, Nayya unlocks long-term value by helping employees live more resilient lives.

Backed by strategic investors like ICONIQ, Felicis Ventures, Semper Virens, Workday Ventures, Met Life Nextgen Ventures, and ADP Ventures, Nayya is ushering in the future of health and wealth for all.

Role Summary:

We are seeking a Director of Security & IT to lead Nayya's security strategy, compliance programs, and IT operations. This role will serve as the single point of accountability for protecting sensitive health and financial data, maintaining regulatory compliance, and ensuring the reliability and security of internal technology systems.

Nayya is a benefits intelligence platform serving approximately 5 million employees. Our AI-powered platform delivers personalized guidance grounded in real plan data and claims history. The security and compliance requirements of this environment are significant: we handle Protected Health Information (PHI) at scale and operate under HIPAA, SOC 2, and other regulatory frameworks.

This role reports to the Chief Product & AI Officer. The Director of Security & IT will partner closely with Engineering on infrastructure security while maintaining independent ownership of the security program, compliance posture, and IT operations.

Key Responsibilities
Security Program Leadership
  • Lead the design, implementation, and continuous improvement of a comprehensive security program spanning application security, infrastructure security, data protection, and incident response.
  • Implement and manage vulnerability assessments, penetration testing, and security audits to identify and mitigate risks across IT infrastructure and systems.
  • Develop and maintain security policies, procedures, and controls aligned to SOC 2 Type II and HIPAA Security Rule requirements.
  • Coordinate response to security incidents, including root cause analysis, containment, remediation, and legal reporting requirements.
  • Own identity and access management (IAM) strategy, ensuring least-privilege access controls across production systems, cloud environments, and internal tools.
  • Implement encryption, access control, audit logging, and other technical safeguards to meet HIPAA security requirements for data at rest, in transit, and during processing.
Compliance & Risk Management
  • Own SOC 2 Type II compliance initiatives, including audit preparation, controls documentation, evidence collection, and remediation of findings.
  • Ensure compliance with HIPAA Privacy and Security Rules across Nayya's handling of PHI, including technical safeguards and organizational policies.
  • Develop and maintain a risk management framework that identifies, evaluates, and prioritizes security and compliance risks, ensuring alignment with applicable regulations.
  • Conduct regular risk assessments and vulnerability scans to proactively address potential compliance gaps.
  • Prepare for and manage regulatory audits, customer security assessments, and external inspections related to data security and privacy.
  • Stay current on emerging trends in healthcare data privacy regulations (HIPAA, HITECH, state-level requirements) and assess their impact on company policies and procedures.
IT Operations & Help Desk Services
  • Oversee day-to-day IT operations, ensuring all systems, networks, and applications function effectively and securely with minimal downtime.
  • Lead the internal IT help desk function, ensuring timely resolution of technical issues with clear escalation protocols and service level agreements (SLAs).
  • Monitor help desk performance metrics and implement improvements based on organizational needs.
  • Manage IT asset lifecycle, including procurement, tracking, maintenance, and compliance with company policies.
  • Ensure effective onboarding and offboarding processes for IT…