Director, Information Security

About The Position

Requirements

• Ability to work as part of a multidisciplinary team and collaborate with those in different disciplines
• Advanced skill in administering data security programs
• Advanced skill in disaster recovery planning
• High level of interpersonal and verbal communication skills
• Knowledge with security implications of cloud-based information systems and experience driving transformational change within cloud-based, secure environments with control systems
• Experience working with the security needs and compliance requirements of financial and healthcare institutions
• Demonstrated experience in deploying and operating the following tools: CrowdStrike, Knowbe4, Qualys, Rapid7, Orca, ThreatLocker, Thycotic, Trend Micro Email Security, Directory Synchronization Tool, Trend Micro Full Disk Encryption, Pentera, Immersive Labs, or equivalent
• Ability to deal effectively with problems involving several variables
• Leadership skill – ability to coach, train, manage performance, budget plan, and manage staffing in a way that contributes to a high performing and cohesive team
• Courage – ability to have tough conversations and deliver accurate advice and decisions regardless of risk or potential criticism
• Tech Savvy – anticipates and adopts innovations in business-building digital and technology applications
• Member First – exhibits full commitment to serving members and/or clients by prioritizing their needs first in alignment with our program’s purpose. This commitment is demonstrated through understanding of the program(s), provided through quality and timely service while exercising empathy in every interaction. Every CCM employee shares responsibility to steward resources faithfully, removing barriers to understanding, and creating accessible, connected, and Christ-centered experiences.
• Humble – demonstrates Christ-Centered humility by honoring others, accepting feedback, and prioritizing collective success over individual recognition
• Hungry – exhibits initiative, perseverance, and commitment to serving God through excellence. Demonstrates passion for personal and organizational growth while diligently advancing the mission of Christian Care Ministry
• Smart – shows relational and emotional intelligence, communicates effectively, collaborates harmoniously, and reads social cues with grace and discernment
• Bachelor’s degree in Computer Science, Information Systems, Cyber Security or closely related field with 8+ years of progressive experience required
• 5+ years’ experience working with IT guidelines and requirements compliant with at least two of the following - HIPAA, PCI-DSS, HITRUST, SOC 1/2/3 required
• Prior supervisory experience leading IT security professionals required
• Minimum Age Requirement: Candidates must be at least 18 years of age at the time of hire.

Nice To Haves

• preferably in a healthcare payer or financial services organization of similar size or larger.

Responsibilities

• Develop and maintain IT Security Roadmap, including timelines and budgets
• Lead the IT Security plans for Artificial Intelligence, including Agentic AI for software development and business process automation
• Provide IT Security expertise for, and actively participate in, the AI Oversight Committee
• Plan, design, develop, and implement Information Security policies and practices across all aspects of the company’s hybrid infrastructure environment using common security tools
• Lead team of Information Security professionals to drive vision, goals, and objectives including managing staffing, performance, and budgets
• Maintain IT Compliance and Information Security framework, information security and risk management policies, standards, and guidelines
• Conduct regular security monitoring and reporting to ensure adequate security defenses, systems, and settings are in place to protect against intrusion, theft, destruction, or misuse of company information
• Coordinate and execute proactive information security consulting to the business and IT teams covering cyber security, management of electronic data, network architecture, and access management
• Lead security incident response process
• Strictly adhere to, and enforce system security policies and follow all company standards.
• Must comply with applicable laws and regulations, including but not limited to: banking laws, PCI/PHI, and HIPAA regulations
• Monitor internal control systems to ensure that appropriate information access levels are maintained.
• Perform security audits on software, networks, and hybrid environments (on-premises, public cloud, private cloud, SaaS)
• Perform information security risk analysis and periodic information system activity reviews for information security processes
• Develop and maintain an executive scorecard based on IT organization OKRs for IT Security
• Lead all IT Security audit responses, management responses, and action plans
• Provide input (Board-ready) to CIO for Board presentations
• Contribute to the exercise and expression of Christian Care Ministry’s Christian beliefs
• All other duties as assigned

Benefits

• 100% paid Medical for employees/99% for family
• Generous employer Health Savings Account (HSA) contributions
• Employer-paid Life Insurance (3x salary) and Long-term Disability Insurance
• 6 weeks of paid parental leave (for both mom and dad)
• Dental - two plans to choose from
• Vision
• Short-term Disability
• Accident, Critical Illness, Hospital Indemnity
• 401(k) – up to 4% match on ROTH or Traditional contributions
• Generous paid-time off and 11 paid holidays
• Wellness plan including Financial, Occupational, Mental/Spiritual, and Physical health incentives up to $50/mo
• Employee Assistance Program including no cost, in-person mental health visits and employee discounts
• Monetary Anniversary Awards Program
• Monetary Birthday Awards
• Tuition Reimbursement Program