Vice President, Information Security
Procaresolutions · Denver, CO; Atlanta, GA · Posted Jul 7, 2026
Apply on company site Track it in JobSkout
About Procare
For over 30 years, Procare Solutions has been dedicated to empowering early childhood educators by providing products and services that enable them to focus on the care, safety and education of children. We recognize the responsibility that comes with nurturing and educating children, which is why our child care management solutions are designed to automate business processes, help ensure safety and compliance, communicate with families and provide educational resources and training to help teachers and children thrive.
Over 40,000 satisfied customers have chosen Procare Solutions as their trusted partner in providing exceptional care for young minds.
A Little About the Role
The VP Information Security is a senior leader responsible for establishing and executing Procare’s enterprise-wide information security strategy, program, and culture. Reporting to the CTO this role will serve as the company's top security leader — translating complex cyber risk into business language, protecting customer data, enabling compliant product growth, and building a world-class security organization.
This is an operationally engaged, high-visibility role that blends strategic vision with operational execution. The ideal candidate is a proven security leader who thrives in a fast-moving SaaS environment, understands how security is changing in an AI first world, and can operate confidently in the boardroom while remaining deeply trusted by engineering and product teams.
Procare's security organization protects 40,000+ childcare centers and millions of families who depend on our platform daily. Our program includes:
Mature compliance posture: SOC 2 Type II certified across all products; PCI DSS v4.0.1 Level 1 Service Provider; TX-RAMP authorized
Enterprise security tooling: CrowdStrike NextGen-SIEM, Contrast Security/Veracode for application security, Automox for patch management, Barracuda/Abnormal.ai for email security
Proactive security culture: Monthly product security meetings, CSIRT incident response team, public trust center (SafeBase), quarterly Security Steering Committee with C-suite participation
Parent company support: Member of Roper Technologies family with access to shared security resources, threat intelligence, and enterprise tooling
What you’ll do:
Security Strategy Leadership
Define, own, and continuously evolve a multi-year enterprise security roadmap aligned to business objectives, growth stage, and risk appetite
Serve as the primary security advisor to the executive leadership team, present security posture, risk metrics, and investment cases with clarity
Lead a high-performing security organization including Security Operations, GRC, AppSec, and Cloud Security functions
Champion a security-first culture across the company through education, executive sponsorship, and accountability
Translate technical risk into business impact using quantitative risk frameworks (e.g., FAIR) to influence budget and strategic decisions
Navigate Roper Technologies cybersecurity framework, maintaining compliance with mandatory foundational controls and implementing selected optional controls to achieve maturity targets; serve as primary security liaison to parent company
Establish AI security governance program to evaluate, approve, and manage AI tool adoption across the organization; implement controls for AI-specific risks including data leakage, prompt injection, and model security
Manage security across diverse product portfolio (5+ applications) with varying technology stacks, customer bases, and compliance requirements; ensure consistent security standards while accommodating product-specific needs
Build and maintain executive cybersecurity dashboards providing real-time visibility into security posture, risk metrics, and program progress for board, parent company, and executive leadership
Cloud Product Security
Secure the company's SaaS platform and cloud environments (AWS/Azure/GCP) by driving secure SDLC, vulnerability management, remediation SLAs, and penetration testing programs
Partner with Product and Engineering leadership to embed security by design — shifting security left into development workflows without impeding velocity
Oversee Identity and Access Management (IAM), Zero Trust architecture, data encryption, and cloud security posture management (CSPM/CNAPP)
Define and maintain security standards for APIs, microservices, container security, and third-party integrations
Governance, Risk Compliance (GRC)
Own and maintain the company's Information Security Management System (ISMS), risk register, and policy framework
Lead and maintain Type II and PCI DSS v4.0.1 certifications; oversee ISO 27001, TX-RAMP, GDPR, CCPA, and other applicable regulatory frameworks
Manage customer security questionnaires, enterprise security reviews, and security-related RFP/procurement processes in partnership with Sales and Legal
Develop and enforce vendor and third-party risk manageme…