Description
Centurion is proud to be a leading provider of comprehensive healthcare services to correctional facilities, state hospitals, and community mental health centers nationwide.
Position Summary
Centurion is seeking an experienced, strategic, and execution-oriented Director of Security to lead and mature our enterprise security program across a complex, multi-state healthcare environment. This leader will be responsible for cybersecurity operations, risk management, security engineering, incident response, governance, and security strategy in support of a growing and evolving organization.
The Director of Security will serve as a key leader within the IT organization, working closely with infrastructure, applications, service delivery, compliance, operations, and executive leadership to protect Centurion's systems, data, and business operations. This role requires a leader who can balance strategy with execution, build strong internal and external partnerships, hold teams accountable, and drive measurable security outcomes.
This is not a theoretical security role. We are looking for a practical, high-impact leader who understands how to build and operationalize security in a healthcare environment where reliability, responsiveness, and sound judgment matter.
Key Responsibilities:
Security Strategy & Leadership
- Lead the development, execution, and ongoing maturity of Centurion's enterprise cybersecurity strategy, roadmap, and operating model.
- Align security initiatives with business priorities, regulatory requirements, operational realities, and the broader IT strategy.
- Serve as the senior leader responsible for day-to-day security direction, decision-making, and program accountability.
- Advise the CIO and executive leadership on security posture, emerging threats, material risks, and investment priorities.
- Build a culture of accountability, responsiveness, and continuous improvement across the security function.
- Lead the security vendor management lifecycle; assist in shaping strategy, governance, performance, accountability, and long-term partnerships.
Security Operations & Incident Response
- Lead security operations across monitoring, detection, investigation, containment, response, and recovery activities.
- Oversee relationships and operating effectiveness with managed security partners and service providers, ensuring strong performance, clear escalation, and meaningful outcomes.
- Ensure effective use of security monitoring and SIEM platforms, including Google Chronicle and related detection and response capabilities.
- Establish and maintain clear incident response procedures, escalation paths, communication protocols, and after-action review processes.
- Drive improvements in threat detection, alert triage, response speed, and operational resilience.
Security Engineering & Architecture
- Partner with infrastructure and enterprise technology teams to design and implement secure, scalable, and supportable security controls.
- Lead security engineering efforts across endpoint protection, identity and access management, network security, email security, vulnerability management, cloud security, logging, and data protection.
- Ensure security solutions are integrated thoughtfully into the enterprise environment without creating unnecessary operational burden or complexity.
- Support modernization efforts by embedding security into cloud strategy, Microsoft ecosystem initiatives, enterprise applications, and future digital platforms.
Risk, Governance & Compliance
- Establish a pragmatic and business-relevant approach to cyber risk management, control assessment, and remediation tracking.
- Partner with internal stakeholders to support HIPAA, healthcare security requirements, contractual obligations, audits, and policy compliance.
- Maintain and evolve security policies, standards, procedures, and governance processes to reflect the needs of a modern healthcare enterprise.
- Present clear, actionable reporting on risk, incidents, vulnerabilities, and program maturity to executive leadership.
- Demonstrated expertise enabling and operationalizing NIST frameworks, including 800-171 and 800-53, with hands-on experience supporting FedRAMP & GovRAMP compliance.
- Lead vulnerability management and remediation governance, ensuring risks are identified, prioritized, tracked, and resolved in partnership with system owners.
Identity, Access & Data Protection
- Oversee strategy and operational controls related to identity governance, privileged access, authentication, and role-based access.
- Ensure appropriate safeguards are in place to protect sensitive business and healthcare information across systems, users, devices, and third parties.
- Partner with application and operational leaders to strengthen data security practices while maintaining business usability.
Team Development & Cross-Functional Leadership
- Build, lead, and mentor a high-performing security team with clear expectations, strong ownership, and a service-oriented mindset.
- Develop internal talent and create scale through effective processes, prioritization, and smart use of partners and platforms.
- Collaborate effectively with leaders across infrastructure, field operations, enterprise applications, service desk, compliance, legal, HR, and business operations.
- Act as a trusted escalation point for complex security matters and critical business decisions.
Qualifications
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field; equivalent experience will also be considered.
- 10 years of progressive experience in information security, cybersecurity, or related IT leadership roles.
- 5 years of experience leading security teams or major security functions in a complex enterprise environment.
- Demonstrated success leading security operations, incident response, risk management, and security engineering programs.
- Experience working with MSSPs, security tooling vendors, and enterprise security platforms.
- Experience with SIEM technologies and security monitoring programs; experience with Google Chronicle strongly preferred.
- Strong understanding of identity and access management, vulnerability management, endpoint security, cloud security, network security, and governance practices.
- Experience in healthcare, highly regulated industries, or distributed multi-site environments strongly preferred.
- Strong executive communication skills with the ability to translate technical risk into business language.
- Proven ability to lead through influence, drive accountability, and deliver results in fast-moving environments.
- Relevant certifications such as CISSP, CISM, GIAC, CCSP, Microsoft SC-100
Preferred
- Experience in correctional healthcare, payer/provider healthcare, or other complex care-delivery environments.
- Familiarity with Microsoft security ecosystem, cloud security controls, and enterprise modernization initiatives.
- Experience building or maturing a security program undergoing transformation, modernization, or operational scale-up.
Leadership Profile
The successful candidate will be:
- Strategic but hands-on, able to set direction while also driving execution.
- Practical and business-minded, focused on reducing risk in ways that support the mission, not slow it down.
- Accountable and decisive, willing to make sound decisions, own outcomes, and elevate issues quickly when needed.
- A builder of teams, committed to developing talent, raising standards, and creating clarity.
- Collaborative and credible, able to partner across IT and business functions while earning trust through consistency and delivery.
- Operationally disciplined, capable of creating structure, metrics, and repeatable processes in a growing environment.
What Success Looks Like in This Role
- A stronger, more mature, and more accountable enterprise security program.
- Improved visibility, monitoring, and response across the environment.
- Clearer ownership and faster remediation of risks and vulnerabilities.
- Strong partnership with IT and business leaders, with security viewed as an enabler rather than an obstacle.
- Effective management of security vendors and partners, with measurable performance.
- Security strategy and operations that scale with Centurion's growth, modernization, and digital evolution.