Director, Cybersecurity

Ensemble Health PartnersCincinnati, OH
$148,000 - $267,840Remote

About The Position

The Director, Cybersecurity Governance, Risk and Compliance (GRC) leads a team of security professionals in the development and implementation of an enterprise-wide cybersecurity governance, risk management, and compliance program. This includes leading the development of security policies and standards, managing enterprise and third-party risk assessments, and overseeing regulatory and industry compliance efforts. The Director will also be responsible for maintaining compliance with all applicable industry regulations and standards and for reporting on the organization's cybersecurity risk posture to executive leadership.

Requirements

  • 5+ years of experience in cybersecurity governance, risk management, or compliance
  • Relevant certification preferred (e.g., CISSP, CISM, CRISC, or CISA) and experience with risk management frameworks such as NIST CSF, ISO 27001, or COBIT
  • Hands-on experience with GRC platforms and tools (e.g., Archer, ServiceNow GRC, OneTrust, AuditBoard, or LogicGate)
  • Experience establishing and maintaining an Information Security Management System (ISMS)
  • Experience working with cross-functional teams to implement governance and risk management practices
  • Experience maintaining compliance with industry regulations and standards (e.g., HIPAA, SOC 2, PCI-DSS, GDPR)
  • Strong communication and presentation skills
  • Ability to work independently and lead a highly skilled GRC team
  • Strong analytical and critical thinking skills
  • Ability to work under pressure and meet deadlines
  • Must be inquisitive and demonstrate openness to innovation including AI to explore better processes and ways to alleviate friction and improve patient and client experiences.

Responsibilities

  • Develop and implement a comprehensive cybersecurity governance, risk, and compliance (GRC) program that includes risk management, regulatory compliance, and policy governance.
  • Work with other departments to ensure risk management and compliance requirements are integrated into all enterprise functions.
  • Conduct enterprise-wide cybersecurity risk assessments, including third-party and vendor risk, across all in-scope systems and business units.
  • Develop and maintain relevant security policies and procedures
  • Train relevant staff regarding cybersecurity governance, risk, and compliance best practices and stay up to date on the latest regulatory requirements and industry trends.
  • Manage internal and external audits and regulatory assessments, and develop reporting on the organization's cybersecurity risk posture and compliance status for executive leadership and the board.

Benefits

  • healthcare
  • time off
  • retirement
  • well-being programs
  • professional development
  • tuition reimbursement
  • quarterly and annual incentive programs
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service