Role Overview
Tonal is hiring a Director, IT & Security. This is a contract remote role, with the team based in Austin. Part of Tonal's Lifecycle hiring, posted yesterday. Full responsibilities, required qualifications, and the apply link are listed in the description below.
Salary Context
Salary is not disclosed in this posting. Market median for Lifecycle roles is $110k-$158k (based on 216 comparable listings). Many employers share specifics during the interview process or after an initial screen.
Resume Keywords to Include
Make sure these keywords appear in your resume to improve ATS scoring
Job description
OVERVIEW
Tonal is the world's most intelligent strength training system, combining hardware, software, AI, computer vision, and world-class content to help people build strength and live healthier. Tonal is now expanding into healthcare and clinical applications, connecting strength training technology with providers, employers, and payers to deliver measurable health outcomes — raising the bar for what our IT and security function needs to deliver.
We're looking for a Director of IT & Security to own this function end-to-end. This role carries the highest privileges across our most sensitive systems and direct accountability for IT and security outcomes company-wide. You'll report to the VP of Business Technology and work closely with senior leadership. The ideal candidate has a start-up mentality — comfortable moving fast in a lean, resource-constrained environment, while never losing sight of the security and compliance discipline a healthcare-adjacent company requires.
WHAT YOU WILL DO
- Own end-to-end IT operations, including device lifecycle, onboarding/offboarding, SaaS administration, identity and access management, help desk, and office infrastructure across all locations.
- Lead the technical controls side of Tonal's HIPAA compliance program, implementing the safeguards required by the HIPAA Security Rule and HITECH Act — encryption, SIEM, MDM/EDR, and role-based access.
- Own and execute Tonal's security program: penetration testing remediation, security policy, tabletop exercises, vendor security reviews, and incident response.
- Govern Tonal's AI tool ecosystem, including licensing, spend, API key governance, corporate AI policy, and DLP and prompt injection protections. Drive AI training and best practices across the organization.
- Administer Tonal's SaaS portfolio, owning contract renewals, license optimization, and vendor negotiations across critical platforms.
- Drive automation and identity governance maturity, including Okta Identity Governance, expanding SCIM-based provisioning, building & enforcing RBAC frameworks, and driving workflow automation and system integration.
- Lead and grow the IT & Security team, managing engineers and administrators, overseeing the virtual CISO engagement, owning the budget and aligning org structure to Tonal’s needs.
- Own IT documentation and process improvement, maintaining runbooks and closing gaps in onboarding, offboarding, and incident response, and driving overall automation.
- Manage global physical infrastructure — networking, Wi-Fi, AV, and physical access — across a distributed, multi-office footprint.
- Serve as a trusted operator on Tonal's most sensitive matters, from executive access provisioning to security incidents and legal holds.
- Report regularly to senior leadership and the C-suite, translating IT & Security roadmap priorities, progress, technical risk and incident management into clear, actionable narratives.
WHO YOU ARE
- 10+ years in IT and security leadership, with full functional ownership and experience across identity and access management, endpoint security, SaaS administration, network infrastructure, and security program management.
- Hands-on HIPAA compliance implementation experience, beyond writing policies
- Track record of building a security program from the ground up: policy, penetration testing, and real incident response
- Broad expertise across identity and access management, endpoint security, SaaS administration, and network infrastructure
- Equally comfortable configuring technical systems and presenting security risk to executive leadership
- A start-up mindset: thrives in fast-moving, resource-constrained environments without cutting corners on security
- Proven ability to prioritize with a lean team and limited budget, with outcomes to show for it.
- Experience managing a large SaaS portfolio, including contract renewals, vendor negotiation, and license governance
- Strong people leadership skills, setting clear expectations and developing team members
- High standards of trust, integrity, and discretion, given access to the company's most sensitive systems
EXTRA CREDIT
- HIPAA compliance roll-out and execution, owning the technical controls end-to-end.
- Experience with SOC 2 Type II, NIST CSF, or HITRUST in a hands-on implementation capacity
- Background in healthcare technology, digital health, or clinical-grade software environments
At Tonal, we believe that the unique and varied lived experiences of our teammates contribute to our overall strength. We don’t just appreciate differences, we celebrate them, and we always seek people that represent a wide variety of backgrounds. We’re dedicated to adding new perspectives to the team and designing employee experiences that contribute to your growth as much as you do to ours. If your experience aligns with what we’re looking for (even if you don’t check every single box), send us your application. We would love to hear from you!
Tonal is committed to meeting the diverse needs of people with disabilities in a timely manner that is consistent with the principles of independence, dignity, integration, and equality of opportunity. Should you have any accommodation requests, please reach out to us via our confidential email, accessibility@tonal.com. All requests will be addressed and responded to in accordance with Tonal’s Accessibility Policy and local legislation.
About Tonal
Frequently Asked Questions
How do I apply for the Director, IT & Security position at Tonal?
Use the Apply button above to submit your application directly to Tonal. Most applications take less than 5 minutes if your resume and contact details are ready, and you'll be routed to the employer's official application system to finish.
Is the Director, IT & Security role at Tonal remote?
Yes. This is a remote role. The team is based in Austin, but the position itself does not require relocating to that office.
What does a Director, IT & Security at Tonal earn?
Tonal has not disclosed a salary range in this posting. Many employers share specifics later in the interview process; you can also ask during a recruiter screen if compensation transparency is important to you.
When was the Director, IT & Security role at Tonal posted?
This role was posted on July 9, 2026 (yesterday). It's still listed as actively hiring; we re-confirm openings against the source system multiple times per day and remove closed roles.
Similar Jobs
More Jobs at Tonal
View all →AI-powered job search
Get every job scored to your resume
Upload your resume and get jobs ranked, your resume tailored, and employee contacts found automatically.
Get started freeNo credit card to start