Director of Cybersecurity & IT Infrastructure

Millions of people live with allergies, asthma, and complex immunological conditions that quietly disrupt their daily lives - from poor sleep and chronic discomfort to limits on how they work, move, and show up for the people they love. Too often, care is fragmented, reactive, or focused on managing symptoms instead of truly improving quality of life. AllerVie Health exists to change that. Our mission is simple but powerful: help patients achieve and maintain better health - free from the symptoms and suffering that hold them back. Through comprehensive, personalized care, we support patients at every stage of their journey, delivering real relief and measurable improvements in how they live day to day. As a growing healthcare organization, we're expanding access to specialized allergy and immunology care across communities - and building teams that make that impact possible. Whether you're in a clinical, operational, or corporate role, your work directly supports patients getting their lives, energy, and confidence back. If you're motivated by meaningful work and want to be part of a mission you can feel, we'd love to meet you. About You: You're energized by purpose-driven work and believe progress happens through accountability, collaboration, and integrity. You take ownership of your work, care about doing things the right way, and bring a positive, people-first mindset to how you support teams. You advocate for better systems and decisions that ultimately improve patient care. If you're excited to do meaningful work that supports something bigger than yourself, we'd love to connect.

Summary of Position:

The Director - Cybersecurity & IT Infrastructure is a senior technology leader responsible for defining, executing, and continuously evolving AllerVie Health's cybersecurity and infrastructure strategy. This role ensures enterprise systems are secure, scalable, reliable, and aligned with the organization's growth.

Operating at both a strategic and hands-on level, this leader will own cybersecurity and infrastructure across a multi-site healthcare environment, while partnering closely with IT operations leadership to ensure seamless execution. The role requires a strong balance of vision, technical depth, and operational engagement, particularly in high-impact or high-risk scenarios. This role will be 5 days in office at our Frisco, TX office. Reporting to our Chief Information Officer., Cybersecurity & Risk Management (Primary Focus)

• Own enterprise cybersecurity strategy, including policies, standards, and enforcement.
• Lead identity and access management (IAM), including SSO, MFA, provisioning, and access governance.
• Oversee network security architecture (firewalls, IDS/IPS, VPNs, segmentation, Zero Trust).
• Direct vulnerability management, patching strategy, and remediation tracking.
• Oversee SOC/SIEM operations, threat monitoring, and incident escalation.
• Lead incident response planning and execution, including investigation and post-incident analysis.
• Develop security metrics, dashboards, and executive-level reporting.
• Act as primary leader during high-risk security incidents.

IT Infrastructure Strategy & Oversight (Primary Focus)

• Lead the design, architecture, and lifecycle management of enterprise IT infrastructure.
• Oversee servers, virtualization (VMware/Hyper-V), networking (LAN/WAN), wireless, storage, and backup systems.
• Define and implement cloud and hybrid infrastructure strategy (Azure, AWS, SaaS integrations).
• Ensure infrastructure scalability, performance, and reliability across all locations.
• Establish infrastructure standards, best practices, and modernization initiatives.
• Act as escalation point for complex infrastructure issues and major incidents.
• Provide hands-on support for critical implementations or outages when needed.

Business Continuity & Disaster Recovery

• Own enterprise disaster recovery (DR) and business continuity (BC) strategy.
• Define RTO/RPO targets aligned to business priorities.
• Lead DR testing, failover readiness, and recovery execution.
• Ensure uptime and continuity of critical systems across the organization.

Governance, Risk, and Compliance (GRC)

• Ensure compliance with HIPAA, SOC 2, PCI-DSS, GDPR, and other frameworks.
• Lead audit readiness, documentation, and remediation efforts.
• Establish and maintain IT risk management frameworks.
• Partner with executive leadership to assess and mitigate enterprise risk.

Vendor & Third-Party Risk Management

• Oversee vendor relationships across infrastructure, security, and technology services.
• Lead third-party risk management (TPRM), including assessments and monitoring.
• Support contract negotiations and ensure SLA and compliance adherence.

IT Partnership & Operational Alignment

• Partner closely with IT operations leadership overseeing service desk, end-user computing, and telecom.
• Provide strategic guidance and governance across operational IT functions.
• Act as escalation point for high-impact issues while maintaining alignment across teams.
• Support system integration and cross-functional collaboration across IT and business units.

Leadership & Strategy

• Serve as the senior leader accountable for cybersecurity and infrastructure enterprise-wide.
• Define and execute a multi-year technology and security roadmap aligned with business growth.
• Lead and mentor IT infrastructure and security teams, fostering innovation and accountability.
• Support M&A activities including due diligence, integration, and risk assessment.
• Build scalable, resilient systems and reduce dependency on single points of failure.

• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or related field.
• 10+ years of progressive IT experience, including infrastructure and cybersecurity leadership.
• Deep expertise in cybersecurity, infrastructure architecture, and risk management.
• Experience with cloud platforms (Azure, AWS), networking, and enterprise security frameworks.
• Strong knowledge of IAM, vulnerability management, DR/BC, and regulatory compliance.
• Experience in healthcare environments and HIPAA compliance., * Master's degree in Cybersecurity, Information Systems, or Business.
• Certifications such as CISSP, CISM, CISA, or CCSP.
• Experience with M&A integrations and healthcare platforms (EHR/EMR).
• Familiarity with Zero Trust, NIST, and HITRUST frameworks.

Core Competencies

• Strategic and forward-thinking leader with strong technical depth.
• Ability to operate at both executive and hands-on levels.
• Strong communicator with executive presence and risk translation ability.
• Collaborative partner across IT and business functions.
• Proven ability to build scalable, secure, and resilient environments.

Physical Requirements

• Prolonged periods of sitting and working on a computer.
• Occasional travel for clinic openings, regional initiatives, or company events.

Health insurance, 401(k) matching, Paid time off, Vision insurance, Health savings account, Dental insurance, Life insurance, Paid holidays 2500 Legacy Dr Ste 200, Frisco, TX 75034, When you join AllerVie Health, you become part of a purpose-driven team dedicated to transforming lives through compassionate allergy care. We recognize and value the experience, perspective, and commitment you bring to our mission. In return, we offer competitive compensation and comprehensive benefits that empower you to thrive. This support enables you to give your best to the patients who count on us every day., * Medical, Dental, and Vision Insurance Plans

• Employer HSA contribution
• Employer-Paid Life Insurance
• Supplemental benefit offerings
• 401(k) Plan with employer match
• Generous PTO and paid holidays