Director, IT Infrastructure and Security

Job Summary:

The IT Infrastructure & Security Director at Inogen is an important role responsible for managing the organization's IT infrastructure and cybersecurity function at all locations worldwide. This includes overseeing the transition to Azure cloud services, onsite infrastructure, SD-WAN, LAN, ISPs, backup and recovery, telecommunications, managing the cybersecurity for the enterprise, DLP, ensuring the cybersecurity integrity of our medical device products, supporting the cellular connectivity projects, integrating newly acquired companies, and maintaining compliance with international regulations such as GDPR and SOX. Reporting directly to the CDIO, this role demands a practical leader adept at navigating the complexities of IT infrastructure and cybersecurity within the highly regulated healthcare and medical device sectors, ensuring operational excellence, transparency, integrity, and the protection of shareholder interests.

Responsibilities (Specific tasks, duties, essential functions of the job)

• Strategy and Execution: Develop and execute a strategic vision for IT infrastructure and cybersecurity that aligns with the company's goals and regulatory requirements. Foster a culture of innovation, accountability, and continuous improvement.
• Cloud Infrastructure Management: Oversee the transition to and management of cloud-based infrastructure services, focusing on scalability, security, and cost-efficiency. Manage relationships with cloud service providers, managed service providers (MSPs), and ensure the architecture supports both current and future business needs.
• Team Leadership and Development: Build, lead, and mentor a lean but high-performing team. Promote a culture of diversity, inclusion, and professional growth. Manage remote and global teams effectively, ensuring high levels of collaboration and engagement.

• Regulatory Compliance and Governance: Ensure IT infrastructure and cybersecurity practices meet the stringent requirements of public company governance, including ISO, SOX, HIPAA, and GDPR compliance. Maintain up-to-date knowledge of regulations affecting the healthcare and medical device sectors and implement necessary controls and procedures. Represent IT in response to internal and external audits.

• Budget and Resource Allocation: Develop and manage the allocated budget, ensuring strategic allocation of resources to support business objectives and maximize ROI. Review and approve purchases of IT infrastructure and security products and services.

• Vendor and Outsourcing Management: Negotiate and manage contracts with IT cloud and security service providers, vendors, and outsourcing partners. Ensure SLAs are met and that vendors comply with company standards and regulatory requirements.

• Budget and Resource Allocation: Develop and manage the allocated budget, ensuring strategic allocation of resources to support business objectives and maximize ROI. Review and approve purchases of IT infrastructure and security products and services.

• Risk Management: Identify, assess, and mitigate IT risks in alignment with the company's risk management framework. Implement disaster recovery and business continuity plans.
• Regulatory Compliance and Governance: Ensure IT infrastructure and cybersecurity practices meet the stringent requirements of public company governance, including ISO, SOX, HIPAA, and GDPR compliance. Maintain up-to-date knowledge of regulations affecting the healthcare and medical device sectors and implement necessary controls and procedures. Represent IT in response to internal and external audits.
• Risk Management: Identify, assess, and mitigate IT risks in alignment with the company's risk management framework. Implement disaster recovery and business continuity plans.
• Risk Management: Identify, assess, and mitigate IT risks in alignment with the company's risk management framework. Implement disaster recovery and business continuity plans.

• Cybersecurity Leadership: Lead the development and implementation of comprehensive cybersecurity strategies, policies, and practices to protect company assets, including medical device products, from cyber threats. Ensure compliance with relevant cybersecurity standards and regulations. Develop, create, and deliver employee training on IT cybersecurity best practices, current threats, vulnerabilities, and preventative actions. Select, qualify, and manage vendors for penetration testing and vulnerability scans. Follow IT security industry news about new tools, methods, threats, vulnerabilities, and other relevant information and suggest enhancements and preventative actions to the Inogen IT Cybersecurity & Compliance program.
• Connectivity Initiatives: Support initiatives to enhance product connectivity through IoT technologies, ensuring secure and compliant implementation across devices and platforms.

Knowledge, Skills, and Abilities

• Communication and Interpersonal Skills: Excellent work ethics, communication, and interpersonal skills, with the ability to convey complex IT and cybersecurity concepts to non-technical stakeholders.
• Strategic Planning and Execution: Proven ability to develop and implement IT strategies that support business goals and comply with regulatory standards.
• Analytical and Problem-Solving Skills: Strong analytical abilities and problem-solving skills. Ability to anticipate issues and formulate remedial actions.
• Communication and Interpersonal Skills: Excellent communication and interpersonal skills, with the ability to convey complex IT and cybersecurity concepts to non-technical stakeholders.
• Comprehensive IT and Cybersecurity Expertise: Deep understanding of IT infrastructure, cloud services (especially Azure), cybersecurity, IoT technologies, and regulatory compliance (SOX, COBIT, NIST, GDPR, FDA regulations for medical devices).
• Team Management: Must have strong work ethic with the ability to inspire and develop a diverse and geographically dispersed team. Experience in managing remote teams and fostering an inclusive work environment.
• Vendor and Stakeholder Management: Skilled in negotiating with and managing vendors and outsourcing partners. Ability to build strong relationships with internal and external stakeholders.
• Comprehensive IT and Cybersecurity Expertise: Deep understanding of IT infrastructure, cloud services (especially Azure), cybersecurity, IoT technologies, and regulatory compliance (SOX, COBIT, NIST, GDPR, FDA regulations for medical devices).

Qualifications (Experience and Education)

• Education: Bachelors degree in Information Technology, Computer Science, Engineering, or a related field. Masters degree preferred.
• Experience: Minimum of 10 years in IT infrastructure or cybersecurity in cloud and network engineering, server administration, data center administration or related experience, with at least 3-5 years with a supervisory or management role within the corporate IT department within a public company, preferably in the healthcare or medical device sector.

• Advanced knowledge/proficiency MS Project, PowerPoint, Excel, and other MS Office applications, required.

• Certifications: Relevant certifications in IT infrastructure, cloud services, and cybersecurity (e.g., CISSP, CISM, Microsoft Certified: Azure Solutions Architect Expert).

Disclaimer

The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.