Technology & Security Executive

Where business growth, cyber risk, and responsible AI converge.

Twenty-three years building and securing global technology organizations across regulated healthcare SaaS, biotech, and financial services. Today, leading enterprise IT, cybersecurity, infrastructure, and AI governance at Reveleer. Partnering with the CEO, CFO, and Board on the decisions that earn customer trust.

Download Resume Get in touch
Boston, MA CISSP · CRISC · CEH · PMP Available for Conversations
2026
Kinan Al Haffar
23+
Years in Enterprise
Technology Leadership
11
M&A Integrations
Led End-to-End
$10M+
In Verified
Cost Savings Delivered
60+
Global IT Professionals
Across 17 Locations
01 — Profile

A career built where strategy, security, and engineering meet.

I'm an enterprise technology and security executive who spends his days at the intersection of business growth, cyber risk, compliance, and AI adoption, mostly in regulated healthcare SaaS, where getting all four right at once is the job.

I've built and scaled global technology organizations that treat security and IT as a single strategic function rather than two competing ones. I've led technology through eleven M&A integrations, advised boards on AI and cyber risk, achieved SOC 2, HITRUST, and ISO 27001 attestations, and built global teams that have outlasted the org charts I drew them on.

"Security is not a product, but a process." — Bruce Schneier
02 — Expertise

The practice areas I'm known for.

/ 01
Cybersecurity & Risk
Building defense-in-depth programs for regulated SaaS: from SOC 2 and HITRUST attestation through executive cyber risk reporting and incident response readiness.
CISOSOC 2HITRUSTISO 27001XDR · IAM · SASE
/ 02
M&A Integration
Eleven integrations led end-to-end across identity, devices, collaboration, security tooling, and cultural alignment. The work that turns a deal into an operating company.
Due DiligenceDay-1 ReadinessIdentity MigrationPE-Backed
/ 03
AI Governance & Adoption
Standing up AI policy, agent governance, and PHI-safe usage frameworks. Pairing employee enablement with the controls Legal, Compliance, and customers need to see.
AI PolicyAgent GovernanceBAA StrategyLLM Deployment
/ 04
Cloud & Infrastructure
Modern, multi-cloud architectures with disaster recovery built in across AWS, Azure, and GCP. Containerized microservices, managed databases, and serverless workloads.
AWS · Azure · GCPEKSDevOpsDR & BCP
/ 05
IT Strategy & Operations
Translating business strategy into technology roadmaps, vendor portfolios, and the unglamorous operational discipline that lets a SaaS platform scale without breaking.
Budgets to $25MVendor StrategyITSMKPIs & SLAs
/ 06
Executive Partnership
Board-level reporting on cyber and AI risk. Day-to-day partnership with CEO, CFO, GC, and Compliance. Translating technical reality into the language executives use to decide.
Board ReportingCompliance CmteCEO/CFO Partner
03 — Experience

A path through the regulated end of technology.

2023 — Present
VP, IT, Security & Infrastructure / CISOReveleer · Glendale, CA
Healthcare SaaS. Lead IT Operations, SecOps, Compliance, and DevOps. Concurrent CISO and Privacy & Data Protection Officer. Board Compliance Committee partner.
2022 — 2023
VP, IT & Infrastructure / CIODotmatics · Boston, MA
Recruited to modernize legacy stack and lead cloud-first transition. Global responsibility across 14 locations and 1,000+ employees. M&A integration leadership.
2018 — 2022
VP, IT & Production Support / CISOCareMetx · Boston, MA
Rebuilt IT/DevOps; turned IT into a true business partner. Secured and scaled the Resilix SaaS platform across 17 locations and 1,500+ employees. 13 direct reports.
2016 — 2018
IT Operations ManagerAbiomed · Danvers, MA
Filled the IT leadership vacuum and rebuilt the function. Global operations across US, Germany, and Japan supporting 1,700+ employees. 16 direct reports.
2013 — 2016
Senior Systems Engineering RolesClean Harbors · Boston Helpdesk
Senior systems engineering across complex enterprise infrastructure programs and consultative client engagements.
2003 — 2012
Earlier CareerBank Audi · MHG International · SKIC · Others
Foundational years across banking, insurance, and group IT leadership in Damascus, including IT Group Manager owning architecture, security, and vendor strategy for the holding.
04 — Credentials

Certifications and academic foundation.

C
CISSP
ISC² · Security Professional
R
CRISC
ISACA · Risk & Information Systems Control
E
CEH
EC-Council · Ethical Hacker
P
PMP
PMI · Project Management Professional
Executive & Academic Education
Executive Certificate, Management & Leadership
MIT Sloan School of Management
Professional Certificate, Leadership & Communication
HarvardX
Master of Management, Information Technology
Charles Sturt University · Australia
Bachelor of Humanitarian Science, History
Damascus University · Syria
05 — Writing

Notes on security, AI, and the executive seat.

Forthcoming
Featured Essay · 2026

Building an AI Governance Program That Survives First Contact With Legal, Compliance, and the People Who Have to Use It

What I've learned standing up AI policy and agent governance inside a regulated healthcare SaaS, including the PHI and BAA nuances most enablement-first programs miss until it's expensive to fix.

Read on LinkedIn
Field Note Compliance

Closing the BYOD Gap Without Breaking the Employee Experience

Why Microsoft Intune MAM paired with Conditional Access tends to be the right shape of answer for HITRUST mobile device control.

Coming soon
Playbook M&A

Eleven Integrations In: A CIO's Day-1 Checklist

The things you only learn after the fifth or sixth integration: identity, devices, security tooling, and the cultural work no due-diligence binder mentions.

Coming soon
06 — Voices

What others have said.

"
In our time working together, Kinan and I built a strong, collaborative partnership that squared security and technology into two complementary yet independent functions. The CIO of the future comes with a strong security mind, and Kinan has and does exactly that.
Daniel Ayala Chief Security & Trust Officer · Dotmatics
"
Kinan has built and strengthened the backbone of HCS's security with incredible tenacity and unwavering focus. He led his team through a grueling SOC 2 Type 2 certification, cementing our clients' trust in our platform, security, and data management.
Gil Dror Chief Technology Officer · Human Care Systems
"
Kinan gave me excellent security advice to help me prepare my company for an IPO. He identified security issues I did not realize I had, and his explanations opened my eyes to a lot of new security topics. I was able to plug many security holes thanks to him.
Steve Ariza Principal Software Architect · 908 Devices
07 — Contact

For executive search, board work, and serious conversations.

Email info@kinanalhaffar.com Direct +1 (617) 982-3342 LinkedIn /in/kinanalhaffar
Based in Boston, Massachusetts