Senior Director of Information Security and Risk Management

As the strategic leader of our enterprise security youll define and drive the vision for safeguarding our systems data and customers. This role blends big-picture strategy with deep technical expertise overseeing application security infrastructure security SOC operations incident response and third-party risk management. With 10 years in information security and at least 5 years in progressive leadership roles you bring the proven ability to build resilient security programs lead high-performing teams and serve as a trusted advisor. Your background in regulated environments including HIPAA/HITECH combined with recognized security certifications sets you apart. If youre ready to drive security in healthcare technology lets talk!

You Value: Communication Integrity Results

Spend your days:

• Overseeing all aspects of information security including application security infrastructure security SOC operations incident response and third-party risk management
• Serving as a trusted advisor to executive leadership on security posture risk and enterprise resilience
• Defining and executing the companys security strategy aligned with business objectives building a proactive security posture that protects systems data and customers
• Leading major incident response efforts from technical containment to executive and board-level communications
• Partnering with IT DevOps and business units to embed security into technology systems and business processes
• Managing SOC operations threat detection and secure design of systems applications and cloud environments (AWS Azure)
• Ensuring adherence to leading security and compliance frameworks including HIPAA HITECH FedRAMP SOC 2 ISO 27001 and PCI DSS
• Supporting compliance teams by providing technical security expertise during audits and assessments
• Building the foundation for a scalable security organization positioning yourself as a strategic leader!

Qualifications :

Show us your:

• Bachelors degree in computer science or engineering and 10 years of professional experience in information security
• At least 5 years of experience in progressive leadership roles with proven ability to develop talent lead through others and drive team performance
• Demonstrated success leading enterprise-wide security programs including incident response SOC operations and threat detection capabilities
• Strong knowledge of cloud security architecture (AWS Azure) and modern security technologies
• Deep understanding of security and compliance frameworks including HIPAA FedRAMP NIST CIS benchmarks SOC 2 and ISO 27001
• Recognized security certifications such as CISSP or CISM; additional certifications like CISA CCSP AWS Security Specialty or Azure Security Engineer are highly valued
• Hands-on experience with application and infrastructure security tools including SAST/DAST Aikido Wiz KnowBe4 and Microsoft Defender
• Experience in Healthcare IT environments including SaaS delivery and EHR systems with a strong grasp of HIPAA/HITECH compliance requirements
• Executive presence with strong presentation and communication skills to engage and align cross-functional stakeholders
• Strategic thinker you can see the big picture while focusing teams on execution and delivery
• Outcome-focused results-oriented mindset a decisive leader who sees challenges as opportunities and approaches work with optimism

Additional Information :

Our team members enjoy:

• Salary $170000 to $185000 based on experience and full suite of benefits
• An incredibly committed team of professionals who support and challenge each other
• Meaningful high-impact work that directly improves patient care and healthcare technology

Goldstone Partners is helping this dedicated organization find talented professionals who want to serve. Applications welcome for those who are US Citizens or hold a Green Card. Principals only please. 

Remote Work :

Yes

Employment Type :

Full-time