Director, Information Technology Governance

Point C
$140,000 - $165,000

About The Position

Point C is a national third-party administrator (TPA) with local market presence that delivers customized self-funded benefit programs. Our commitment and partnership mean thinking beyond the typical solutions in the market – to do more for clients – and take them beyond the standard “Point A to Point B.” We have researched the most effective cost containment strategies and are driving down the cost of plans with innovative solutions such as network and payment integrity, pharmacy benefits and care management. There are many companies with a mission. We are a mission with a company.

The Director, Information Technology Governance & Risk Management will lead Point C’s IT security governance program, reporting to the CISO. This role is responsible for developing and managing security policies, overseeing risk and compliance initiatives, and ensuring alignment with HIPAA, HITRUST, and SOC 2. This leader will drive security awareness, vendor risk management, and enterprise risk governance while translating regulatory requirements into practical, scalable processes.

Requirements

  • 8+ years in information security, IT governance, or risk management
  • 3+ years leading governance or compliance programs in healthcare or regulated industries
  • Experience with HITRUST, SOC 2 Type II, and HIPAA
  • Proven experience building policy, awareness, and vendor risk programs
  • Strong risk management, stakeholder communication, and executive reporting skills

Nice To Haves

  • CISA, CISSP, CRISC, or CISM preferred

Responsibilities

  • Lead IT governance, including policy development, lifecycle management, and governance committee oversight
  • Maintain an auditable policy library with structured review and approval processes
  • Align security policies with HIPAA, HITRUST, SOC 2, and other regulatory frameworks
  • Translate audit findings into actionable controls and remediation plans
  • Own the IT security awareness and training program, including role-based training and phishing simulations
  • Oversee vendor and third-party risk management, including due diligence, risk assessments, and ongoing monitoring
  • Manage the IT risk register and drive risk mitigation strategies with executive reporting
  • Support audit readiness through control testing, reporting, and coordination of internal/external audits
  • Promote adoption of enterprise security standards across identity, access, and data protection

Benefits

  • Comprehensive medical, dental, vision, and life insurance coverage
  • 401(k) retirement plan with employer match
  • Health Savings Account (HSA) & Flexible Spending Accounts (FSAs)
  • Paid time off (PTO) and disability leave
  • Employee Assistance Program (EAP)