Conduct enterprise risk assessments and develop mitigation strategies
Ensure compliance with federal, state, and industry regulations governing PII, PHI, and other sensitive data
Coordinate security audits, vendor risk assessments, and penetration testing
Integrate security into business processes, product development, and IT operations, including DevSecOps practices
Serve as the primary escalation point for security events, coordinating containment, investigation, and post-incident reviews
Serve as a trusted advisor to executive leadership on security posture, risk, and enterprise resilience
Define and execute the company’s security strategy aligned with business objectives
Lead major incident response efforts, including executive and board-level communications
Partner with IT, DevOps, and business units to embed security into technology, systems, and business processes
Manage SOC operations, threat detection, and secure design of systems, applications, and cloud environments (AWS, Azure)
Ensure adherence to leading security and compliance frameworks, including HIPAA, HITECH, FedRAMP, SOC 2, ISO 27001, and PCI DSS
Provide technical consultation and training to IT and business teams on secure design and operational practices
Foster a culture of security awareness through focused training programs
Requirements
Minimum of 10 years of experience in cybersecurity, with deep expertise in healthcare regulations such as HIPAA, HITECH, and HITRUST
Equivalent experience or a degree in cybersecurity, information systems, or a related field
Advanced certifications (e.g., CISSP, CISM) or degrees are highly desirable
Proven success in shaping and executing security strategies and initiatives that improve patient data protection, regulatory alignment, and secure care delivery
Strong executive communication and facilitation skills, with experience leading workshops, building consensus, and influencing senior stakeholders
Demonstrated ability to lead cross-functional engagements, drive alignment, and proactively contribute to strategic opportunities
Familiarity with Generative AI (e.g., Copilot, Gemini) and its implications for security, governance, and risk management
Experience with agile methodologies, design thinking, and collaborative solution development
Ability to conduct market research and translate insights into actionable security strategies and content
Strong collaboration, influencing, and negotiation skills, with a relentless focus on customer success
Ability to work in a fast-paced, dynamic environment where initiative and assertiveness are key
Passion for mentoring, sharing knowledge, and contributing to a culture of continuous learning
Research and evaluate emerging privacy technologies from academia and industry, contributing to open-source tools and AI privacy standards
Act as consultant and advocate for privacy best practices as central to our mission of Responsible AI
Preferred: experience embedding security into developer culture and broad security domain knowledge such as Red Teaming, Purple Teaming, Vulnerability Research, and Exploitation
Preferred: Master’s degree in Information Systems Engineering, Computer Science, Engineering, Information Security, Cyber Security, Information Assurance, or related field
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cybersecurity
application security
infrastructure security
incident response
third-party risk management
risk assessments
DevSecOps
threat detection
secure design
Generative AI