ForgeApply · Job listing
Information Security Lead
Clicktherapeutics
Apply in about a minute — without sacrificing quality.
ForgeApply autofills this application and tailors your resume to this exact posting. You review everything before it's sent. Free trial, no card required.
About this role
Who We Are:
Click Therapeutics, Inc., develops, validates, and commercializes software as prescription medical treatments for people with unmet medical needs. As a leading innovator of Digital Therapeutics™, Click delivers accessible, clinically proven, FDA-regulated prescription treatments to the smartphone in your hand. Click’s treatments are defined by a commitment to applying technical and scientific rigor and patient-centric design to the development process. This results in uniquely engaging experiences that achieve compelling clinical outcomes for patients seeking new treatment options. Click Therapeutics continuously expands and refines its platform with novel cognitive, behavioral and neuromodulatory mechanisms of action and advanced data-driven tools such as artificial intelligence and machine learning. The digital therapeutics under development on Click’s platform address diverse areas of therapeutic need, including indications in psychiatry, neurology, oncology, immunology, and cardiometabolic diseases. Consistently named a best place to work, Click fosters an inclusive, diverse workforce of innovators, clinicians, scientists, researchers, designers, technologists, engineers and more, united in a common mission to provide patients everywhere access to safe and effective prescription digital therapeutics. For more information, visit www.clicktherapeutics.com and connect with us on LinkedIn.
About the Role:
As Information Security Lead, you'll be at the forefront of safeguarding our groundbreaking digital therapeutics. We're seeking an individual with deep technical expertise in information security in the healthcare sector, ready to tackle complex challenges and pioneer innovative solutions. This isn't just a role; it's an opportunity to build, mentor, and inspire a high-performing team, while strategically collaborating across diverse departments to embed security into the very fabric of our revolutionary products. Your ability to swiftly master new technologies and meticulously adhere to processes in a highly regulated environment will be crucial as you champion information security across every facet of our company and with all our valued partners.
This position is based out of Click’s headquarters located in Tribeca, NYC, at the center of one of the fastest-growing digital health communities. We have a hybrid working model that consists of at least 4 days in office each week.
Responsibilities:
• Maintain, and continually improve the Information Security Management System (ISMS) to maintain relevant certifications (e.g., ISO 27001, SOC 2, IEC 81001-5-1 and UK Cyber Essentials Plus).
• Lead the technical security aspects of data privacy to ensure compliance with GDPR, CCPA, and HIPAA.
• Lead and mature the company's Security Operations Center (SOC) capabilities, including threat intelligence, monitoring, detection, and analysis.
• Responsible for collecting, analyzing, escalating, and responding to cybersecurity vulnerabilities, threats, and attacks using SIEM and EDR technologies.
• Collaborate with Engineering to ensure Secure Development Lifecycle (SDLC) practices are followed, integrating threat modeling, static/dynamic analysis, fuzz testing, and formal verification into the development process.
• Develop and maintain reporting of Key Performance Indicators (KPIs) of threats and incidents, including incident response timeliness and general observability metrics.
• Oversee security testing activities, including penetration testing and vulnerability scanning.
• Conduct security training and awareness programs for employees to promote a culture of security.
• Oversee all third-party and vendor risk management activities
• Collaborate with Quality and Regulatory on cybersecurity processes
• Support regulatory submissions by generating Cybersecurity Quality Management System (QMS) documentation, ensuring compliance with FDA Cybersecurity Guidance (2025), EU MDR, NIST 800-53, IMDRF, and AAMI TIR57.
Qualifications:
At Click, we aren't just looking for talent; we are looking for the next evolution of the modern professional. To us, AI is not a future possibility, it is a present-day prerequisite. We expect every Click colleague to have seamlessly integrated AI into their professional workflow and personal productivity, using it as a force multiplier to move faster, think deeper, and deliver superlative results that were previously out of reach. If you do not yet view AI as an essential partner in your daily pursuit of excellence, you will find it impossible to keep pace with our mission. High performers who harness AI technology to transcend traditional boundaries and set new benchmarks for professional excellence will thrive at Click.
• Embracing technological evolution is central to our DNA. Because AI defines our future, this role requires a proven ability to integrate AI technologies to drive innovation and impact.
• Experience within a highly regulated industry such as medical devices, pharmaceuticals, biotechnology, or healthcare
• Understanding of common security frameworks and standards, including NIST Cybersecurity Framework (CSF), ISO 27001/27002, and SOC 2.
• Knowledge of risk assessment methodologies, threat modeling, network security, cloud security (AWS), application security, and data protection technologies.
• Experience leading or participating in formal security audits.
• Experience in interfacing with engineering teams and running in tiger-teams or embedded SME Scrum teams.
• Leadership and communication skills, with the ability to articulate complex security concepts to technical and non-technical audiences.
Compensation:
The base salary range for this position is between: $130,000 - $200,000. The final base salary will be dependent upon skills, experience and location. In addition to the base salary, Click Therapeutics offers an annual performance-based cash bonus and a generous equity package.
Benefits:
The role includes great
Ready to apply to Clicktherapeutics?
Apply in about a minuteSimilar jobs
- Information Security Lead — Findanomaly · Remote
- Application Security Lead — Hightouch · Remote
- Head of Information Security — Sendbird · San Mateo, California, United States
- Security Lead — Playson · Remote
- Cybersecurity Lead/ISSM — Darkwolfsolutions · Herndon, VA or Colorado Springs, CO
- Physical Security Lead — Northwoodspace · Torrance, CA
- Information Security Engineer — Palantir · Washington, D.C.
- Information Security Engineer — Palantir · Seattle, WA