JobHunter AI
IT Security & Compliance Lead
VIA HealthTech
Work Mode
Hybrid
Type
Internship
Sector
Education
First Seen
2026-07-06
Source
arbeitnow
Hybrid Education IT Data MEAL Deadline Unclear
Job Description
<p>VIA HealthTech automates psychotherapy documentation — from session notes to psychological reports — so therapists spend less time on admin and more time with patients.</p> <p>We work at the intersection of mental healthcare, AI, and software. Security is central to what we build: we process highly sensitive data and already hold C5 and ISO27001 certification.</p> <h2>Tasks</h2> <p>We are looking for a hands-on IT Security &#x26; Compliance Lead to own security and compliance end-to-end at VIA.</p> <p>This is a broad role in a small team. You will not only define policies — you will implement systems, configure tools, improve cloud and product security, run audits, and work directly with engineering to make security a practical part of how we build.</p> <p>Your goal is to make VIA more secure while helping the team move faster, not slower.</p> <p><strong>What you’ll do</strong></p> <ul> <li>Own internal IT security end-to-end: devices, access management, 2FA, endpoint protection, policies, onboarding and offboarding</li> <li>Professionalize and operate our internal IT setup</li> <li>Own IT Compliance (ISO27001 and C5), including audits, evidence management, policies, risk management, corrective actions, auditor communication, and internal training</li> <li>Improve cloud security across infrastructure, access control, encryption, logging, monitoring, and operational processes</li> <li>Work closely with engineering on product security across web, desktop, mobile, backend, and AI-related systems</li> <li>Help embed security into the development lifecycle without creating unnecessary overhead</li> <li>Coordinate external security work such as penetration tests, security reviews, and vendor assessments where needed</li> <li>Identify security gaps, prioritize what matters, and implement pragmatic improvements</li> </ul> <h2>Requirements</h2> <p><strong>Required:</strong></p> <ul> <li>Strong hands-on experience in IT Security, Information Security, Cloud Security, or a closely related field</li> <li>Practical experience securing cloud-based software products and internal IT environments</li> <li>Solid understanding of IAM, endpoint security, device management, encryption, logging, access control, and incident response</li> <li>Experience with ISO27001 and/or C5, ideally including audit ownership or major audit involvement</li> <li>Ability to work directly with engineering teams on technical security topics</li> <li>Strong operational ownership: you see what needs to be done and make it happen</li> <li>Pragmatic judgment: you know how to raise the security bar without blocking a fast-moving team</li> <li>Clear communication and comfort working in an async-first startup environment</li> </ul> <p><strong>Nice to have:</strong></p> <ul> <li>Experience in healthcare, regulated environments, or companies handling highly sensitive data</li> <li>Experience with application security, secure SDLC, threat modeling, or vulnerability management</li> <li>Experienc
Skills
IT Security