Information Security Lead

About Proscia

Proscia is revolutionizing pathology, the last major frontier in healthcare to embrace digital. As a leader in pathology AI software, we are empowering pathologists and scientists to transition from traditional microscope-based workflows to digital, AI-driven approaches, unlocking new possibilities in precision medicine.

The digital pathology market is experiencing explosive growth as advances in AI enable unprecedented insights into diseases like cancer. Pathology is central to medicine, and the shift to AI-powered solutions is not just modernizing workflows—it’s transforming how diseases are diagnosed, treated, and understood. Predictions for the future of pathology show a tidal wave of adoption, with experts describing the field as “poised for the next major breakthrough” in healthcare innovation.

Backed by over $100 million in funding from leading healthcare and technology investors, Proscia is at the forefront of this revolution. Joining Proscia means being part of a company at the cutting edge of healthcare innovation, where the possibilities are limitless. With the convergence of AI, precision medicine, and digital pathology, we’re not just changing pathology—we’re redefining what’s possible in medicine.

About this Position

We’re hiring a Lead of Information Security, reporting to the VP of Technical Operations. You’ll architect and evolve the security and compliance foundation of our Concentriq platform—used in regulated environments around the world. This is a high-impact leadership role focused on building a modern, rigorous security program where AI tools are part of how you and your team think, investigate, and operate every day.

What You’ll Do

Working at a startup like Proscia means wearing many hats, but when you come to work you can expect to focus on the following:

• Manage and evolve vulnerability management— tooling, reporting, and remediation governance. You understand the current evolution of the field and leverage AI appropriately for first-class vulnerability management: deliberately and with clear guardrails.
• Serve as a consultative security leader for Engineering, Product, and Customer teams—governing system designs, architecture, and implementation through a security-first lens.
• Implement AI native tooling to improve detection and response capabilities without incurring an increased demand on resources.
• Partner with Engineering to implement developer-friendly security tools that improve security posture and reduce compliance burdens without slowing velocity.
• Oversee incident response preparation, processes, and execution—ensuring coordinated action, effective communication, and the kind of thorough post-incident analysis that prevents the same problem twice.
• Under the direction VP, TechOps, improve  the Proscia Information Security Program, with a focus on governance, risk, and compliance (GRC) across the Concentriq suite of applications and Proscia’s business applications.
• Contribute to security policy development across regulated and non-regulated markets—implementing agentic workflows where it accelerates your research and stress-testing, iterating with stakeholders, and maintaining the rigor and compliance standards our customers expect.
• Influence and execute on the company’s regulatory roadmap—seeking new certifications and frameworks (e.g., ISO 27001, SOC 2, HITRUST) in response to customer and market demands.
• Enable other teams to answer security-related questions from customers, prospects, and partners providing expert information security guidance.
• Anticipate and adapt to  industry and regulatory trends, including how AI is reshaping both the threat landscape and the defender’s toolkit—and surface emerging requirements before they become urgent.
• Help shape internal security standards and documentation that work for both humans and AI-augmented workflows.

About You

You think in systems—you reason about how security, engineering, and compliance interact across the full stack, not just your own domain. AI tools are part of how you work: drafting policies, analyzing threats, reviewing configurations, pressure-testing your own thinking. You know when to trust AI output and when to change the approach. You iterate quickly, own your decisions, and you’re ready to put your stamp on a security program at a company that’s moving fast in regulated healthcare.

• 5+ years of experience in information security, including direct experience improving, and contributing to GRC programs.
• Proven expertise in regulatory frameworks such as ISO 27001, SOC 2, GDPR, HIPAA, FedRAMP, TX-RAMP, StateRAMP or similar.
• Experience with FDA regulations is an asset.
• Hands-on experience with vulnerability management tools, incident response, and security audits.
• Experience embedding security into software development lifecycles—DevSecOps principles applied in practice.
• Experience selecting, implementing, and managing security tooling (e.g., XDR, SIEM, endpoint, code scanning, etc.).
• Exceptional communication and influencing skills across technical and non-technical teams.
• A high degree of autonomy and ownership—comfortable leading cross-functional efforts and prioritizing in a dynamic environment.
• You already use AI tools in your security work—for policy drafting, threat analysis, log review, control validation, or however it fits your practice.
• Experience with cloud-native environments (AWS preferred)
• Experience building with or on top of LLMs, AI agents, or agentic pipelines.
• Familiarity with prompt engineering, tool use patterns, and evaluation of AI systems.

Nice-to-Haves

• Experience with SaaS platforms, and startup culture.
• A portfolio, published work, or contributions that show how you think about security problems.
• Background that spans multiple domains or disciplines.
• Active in security communities, forums, or meetups.
• Contributions to the broader AI security conversation.

Beyond Just Work

As a company in healthcare, we want our people to be happy and healthy, in and out of the office. In addition to competitive pay, we ensure everyone on our team is supported with savings, schedule, and insurance options that promote long-term health and personal growth.

Our office environment is designed for creativity and agility: with walls as notepads and couches for collaboration. We’re located in the heart of Philadelphia, with views of the city so you can spend your time focusing on what matters most.

At Proscia, we don’t just accept differences — we celebrate them, we support them, and we thrive on them for the benefit of our employees, our products, and our community. Proscia is proud to be an equal opportunity workplace.