Director, IT & Security
Austin, TX - USA
Department:
Job Summary
Overview
Tonal is the worlds most intelligent strength training system combining hardware software AI computer vision and world-class content to help people build strength and live healthier. Tonal is now expanding into healthcare and clinical applications connecting strength training technology with providers employers and payers to deliver measurable health outcomes raising the bar for what our IT and security function needs to deliver.
Were looking for a Director of IT & Security to own this function end-to-end. This role carries the highest privileges across our most sensitive systems and direct accountability for IT and security outcomes company-wide. Youll report to the VP of Business Technology and work closely with senior leadership. The ideal candidate has a start-up mentality comfortable moving fast in a lean resource-constrained environment while never losing sight of the security and compliance discipline a healthcare-adjacent company requires.
What You Will Do
Own end-to-end IT operations including device lifecycle onboarding/offboarding SaaS administration identity and access management help desk and office infrastructure across all locations.
Lead the technical controls side of Tonals HIPAA compliance program implementing the safeguards required by the HIPAA Security Rule and HITECH Act encryption SIEM MDM/EDR and role-based access.
Own and execute Tonals security program: penetration testing remediation security policy tabletop exercises vendor security reviews and incident response.
Govern Tonals AI tool ecosystem including licensing spend API key governance corporate AI policy and DLP and prompt injection protections. Drive AI training and best practices across the organization.
Administer Tonals SaaS portfolio owning contract renewals license optimization and vendor negotiations across critical platforms.
Drive automation and identity governance maturity including Okta Identity Governance expanding SCIM-based provisioning building & enforcing RBAC frameworks and driving workflow automation and system integration.
Lead and grow the IT & Security team managing engineers and administrators overseeing the virtual CISO engagement owning the budget and aligning org structure to Tonals needs.
Own IT documentation and process improvement maintaining runbooks and closing gaps in onboarding offboarding and incident response and driving overall automation.
Manage global physical infrastructure networking Wi-Fi AV and physical access across a distributed multi-office footprint.
Serve as a trusted operator on Tonals most sensitive matters from executive access provisioning to security incidents and legal holds.
Report regularly to senior leadership and the C-suite translating IT & Security roadmap priorities progress technical risk and incident management into clear actionable narratives.
Who You Are
10 years in IT and security leadership with full functional ownership and experience across identity and access management endpoint security SaaS administration network infrastructure and security program management.
Hands-on HIPAA compliance implementation experience beyond writing policies
Track record of building a security program from the ground up: policy penetration testing and real incident response
Broad expertise across identity and access management endpoint security SaaS administration and network infrastructure
Equally comfortable configuring technical systems and presenting security risk to executive leadership
A start-up mindset: thrives in fast-moving resource-constrained environments without cutting corners on security
Proven ability to prioritize with a lean team and limited budget with outcomes to show for it.
Experience managing a large SaaS portfolio including contract renewals vendor negotiation and license governance
Strong people leadership skills setting clear expectations and developing team members
High standards of trust integrity and discretion given access to the companys most sensitive systems
Extra Credit
HIPAA compliance roll-out and execution owning the technical controls end-to-end.
Experience with SOC 2 Type II NIST CSF or HITRUST in a hands-on implementation capacity
Background in healthcare technology digital health or clinical-grade software environments
At Tonal we believe that the unique and varied lived experiences of our teammates contribute to our overall strength. We dont just appreciate differences we celebrate them and we always seek people that represent a wide variety of backgrounds. Were dedicated to adding new perspectives to the team and designing employee experiences that contribute to your growth as much as you do to ours. If your experience aligns with what were looking for (even if you dont check every single box) send us your application. We would love to hear from you!
Tonal is committed to meeting the diverse needs of people with disabilities in a timely manner that is consistent with the principles of independence dignity integration and equality of opportunity. Should you have any accommodation requests please reach out to us via our confidential email All requests will be addressed and responded to in accordance with Tonals Accessibility Policy and local legislation.
Required Experience:
Director
About Company
Transform your workouts with Tonal, the leader in smart home gym equipment. Get AI-powered training and full-body workouts in a sleek, space-saving design.