Director of Information Security

About The Position

Requirements

• 8+ years of experience in cybersecurity, with 3+ years in a leadership or management role.
• Demonstrated experience with PCI DSS compliance and audit preparation.
• Strong experience with Governance, Risk, and Compliance (GRC) frameworks.
• Hands-on experience with endpoint protection platforms such as CrowdStrike.
• Experience implementing or managing Identity and Access Management (IAM) and SSO solutions.
• Experience with cloud security and SaaS security governance.
• Experience with Microsoft security ecosystem (Azure AD / Entra, Conditional Access, etc.).
• Knowledge of modern security frameworks such as NIST, CIS, or ISO 27001.
• Strong communication skills with the ability to translate security risks for business stakeholders.

Nice To Haves

• Certifications such as CISSP, CISM, CRISC, or CISA.
• Experience securing multi-site healthcare or retail environments.
• Experience with cloud security and SaaS security governance.
• Bachelor’s degree in Information Security, Computer Science, Information Systems, or related field.

Responsibilities

• Security Leadership & Strategy Develop and lead AmeriVet’s enterprise information security strategy and roadmap.
• Establish and maintain security policies, standards, and governance frameworks.
• Partner with IT and business leaders to integrate security best practices into operations and technology initiatives.
• Provide regular security risk reporting and recommendations to executive leadership.
• Governance, Risk & Compliance (GRC) Lead the IT/Info Sec GRC program, including risk assessments and control frameworks.
• Ensure compliance with PCI DSS requirements and other applicable regulatory standards.
• Oversee internal and external security audits, vulnerability assessments, and remediation efforts.
• Manage third-party risk management and vendor security assessments.
• Identity & Access Management Oversee enterprise Identity and Access Management (IAM) strategies and processes.
• Implement and maintain Single Sign-On (SSO) solutions to improve both security and user experience across veterinary practices and corporate teams.
• Establish access governance, provisioning, and role-based access controls across systems.
• Security Operations Oversee security monitoring and endpoint protection platforms including CrowdStrike.
• Manage incident response processes, investigations, and remediation.
• Partner with infrastructure and cloud teams to implement secure architecture and endpoint protection standards across all AmeriVet locations.
• Risk Management & Incident Response Develop and maintain an enterprise cybersecurity risk management program.
• Lead the organization’s security incident response and recovery procedures.
• Identify emerging threats and implement proactive mitigation strategies.
• Security Awareness Maintain a security awareness program to educate corporate and practice teams on cybersecurity best practices.
• Promote a strong security culture across AmeriVet.

Benefits

• Tailored development programs, mentorship, and career pathing to help you achieve your unique goals.
• Competitive pay, performance bonuses, 401(k) matching, and student loan assistance to foster your financial well-being.
• Health, dental, vision, life insurance, and mental health resources to support your overall well-being.
• Generous paid time off and holidays, because your personal time matters.
• A supportive, collaborative environment where everyone feels a sense of belonging.